Summary

  • According to a recent report, vulnerabilities have been discovered in the ICONICS Suite version 10.97.2 that could lead to escalation of privileges, denial of service (DoS) and, in certain circumstances, full system compromise.
  • A vulnerable GenBroker32 utility, distributed by ICONICS, changes permissions for a crucial directory that contains essential configuration, reporting and logging files, leaving them vulnerable to attack.
  • Phantom DLL hijacking, where attackers replace legitimate files with malicious ones, can be used by threat actors to conduct a variety of attacks, including unauthorised access, data manipulation, and trust relationship abuse, all the way up to full system compromise.
  • As a result, ICONICS released security updates to address these flaws, and experts suggest that affected users should review their installations and apply patches as soon as possible.
  • In order to safeguard against all vulnerabilities and attack methods, it is vital to keep all software up to date and to implement proper security controls.
  • To detect and prevent threats such as malicious artifacts in transit and anomalous command access to OT field devices, users are advised to use suitable security tools and services.

By Asher Davila and Malav Vyas
