Multiple vulnerabilities in AVEVA System Platform

Published: 2021-06-30

Risk	Medium
Patch available	YES
Number of vulnerabilities	2
CVE-ID	CVE-2021-33008 CVE-2021-33010
CWE-ID	CWE-306 CWE-248
Exploitation vector	Network
Public exploit	N/A
Vulnerable software Subscribe	AVEVA System Platform Server applications / SCADA systems
Vendor	AVEVA Software, LLC.

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Missing Authentication for Critical Function

EUVDB-ID: #VU54466

Risk: Low

CVSSv3.1: 7 [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-33008

CWE-ID: CWE-306 - Missing Authentication for Critical Function

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to the affected software does not perform any authentication for functionality that requires a provable user identity. A remote authenticated attacker on the local network can gain access to target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

AVEVA System Platform: 2017 U3 SP1 P01 - 2020 R2 P01

External links

http://ics-cert.us-cert.gov/advisories/icsa-21-180-05

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Uncaught Exception

EUVDB-ID: #VU54467

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-33010

CWE-ID: CWE-248 - Uncaught Exception