#VU18643 Untrusted search path in Network Configurator for DeviceNet


Published: 2019-05-30

Vulnerability identifier: #VU18643

Vulnerability risk: Medium

CVSSv3.1: 6.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]

CVE-ID: CVE-2019-10971

CWE-ID: CWE-426

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Network Configurator for DeviceNet
Server applications / SCADA systems

Vendor: Omron

Description

The vulnerability allows a remote attacker to gain access to data files or modify configuration.

The vulnerability exists due to executed malicious .dll file passed via untrusted search path. A remote attacker can modify search path to point to a malicious program in order to execute their own programs, access unauthorized data files, or modify configuration in unexpected ways.

Mitigation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Network Configurator for DeviceNet: 3.41

External links
http://ics-cert.us-cert.gov/advisories/ICSA-19-134-01

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Untrusted search path in Omron Network Configurator for DeviceNet