Multiple vulnerabilities in ICONICS Products



Published: 2024-07-03
Risk Medium
Patch available YES
Number of vulnerabilities 3
CVE-ID CVE-2024-1182
CVE-2024-1573
CVE-2024-1574
CWE-ID CWE-427
CWE-287
CWE-470
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
AlarmWorX Multimedia
Other software / Other software solutions

MobileHMI
Mobile applications / Apps for mobile phones

ICONICS Suite
Server applications / SCADA systems

GENESIS64
Server applications / SCADA systems

Energy AnalytiX
Server applications / SCADA systems

Hyper Historian
Client/Desktop applications / Other client software

Vendor

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Insecure DLL loading

EUVDB-ID: #VU93707

Risk: Low

CVSSv3.1: 6.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-1182

CWE-ID: CWE-427 - Uncontrolled Search Path Element

Exploit availability: No

Description

The vulnerability allows a local user to compromise vulnerable system.

The vulnerability exists due to the application loads DLL libraries in an insecure manner. A local user can place a specially crafted .dll file and execute arbitrary code on victim's system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

AlarmWorX Multimedia: before 10.97.3

External links

http://www.cisa.gov/news-events/ics-advisories/icsa-24-184-03


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper Authentication

EUVDB-ID: #VU93708

Risk: Medium

CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-1573

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error in when processing authentication requests within the GENESIS64 Automatic Login feature. A remote attacker can bypass authentication process and gain elevated privileges on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

MobileHMI: before 10.97.3

External links

http://www.cisa.gov/news-events/ics-advisories/icsa-24-184-03


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Unsafe reflection

EUVDB-ID: #VU93709

Risk: Low

CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-1574

CWE-ID: CWE-470 - Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')

Exploit availability: No

Description

The vulnerability allows a local user to bypass authorization checks.

The vulnerability exists due to unsafe reflection in the licensing service. A local user can cause the improper authorization condition.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

ICONICS Suite: before 10.97.3

GENESIS64: before 10.97.3

Hyper Historian: before 10.97.3

Energy AnalytiX: before 10.97.3

MobileHMI: before 10.97.3

External links

http://www.cisa.gov/news-events/ics-advisories/icsa-24-184-03


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###