Your one-stop web resource providing safety and security information to manufacturers

AVEVA has an upgrade plan to handle an improper input validation and memory corruption vulnerabilities in its Vijeo Citect and Citect SCADA Floating License Manager, according to a report with NCCIC.

These vulnerabilities could allow an attacker to deny the acquisition of a valid license for legal use of the product. Schneider Electric reported these vulnerabilities.

RELATED STORIES
Delta Mitigation Plan for CNCSoft ScreenEditor
Philips has Plan to Fix Holter 2010 Plus Hole
GE Mitigation Plan for Anesthesia Devices
Emerson Patches DeltaV DCS

The following versions of Floating License Manager, which is used in Vijeo Citect and Citect SCADA, suffer from the remotely exploitable issues: Floating License Manager Version 2.3.0.0 and earlier.

A denial of service vulnerability related to preemptive item deletion in lmadmin and vendor daemon components allows a remote attacker to send a combination of messages to lmadmin or the vendor daemon, causing the heartbeat between lmadmin and the vendor daemon to stop and the vendor daemon to shut down.

Cyber Security

CVE-2018-20031 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.5.

In addition, a denial of service vulnerability related to message decoding in lmadmin and vendor daemon components allows a remote attacker to send a combination of messages to lmadmin or the vendor daemon, causing the heartbeat between lmadmin and the vendor daemon to stop and the vendor daemon to shut down.

CVE-2018-20032 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.5.

Also, a remote code execution vulnerability in lmadmin and vendor daemon components allows a remote attacker to corrupt the memory by allocating/deallocating memory, loading lmadmin or the vendor daemon and causing the heartbeat between lmadmin and the vendor daemon to stop. This would force the vendor daemon to shut down. No exploit of this vulnerability has been demonstrated.

CVE-2018-20033 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 9.8.

In another issue, there is a denial of service vulnerability related to adding an item to a list in lmadmin and vendor daemon components allows a remote attacker to send a combination of messages to lmadmin or the vendor daemon, causing the heartbeat between lmadmin and the vendor daemon to stop and the vendor daemon to shut down.

CVE-2018-20034 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.5.

The product sees use mainly in the energy sector and on a global basis.

No known public exploits specifically target these vulnerabilities. However, an attacker with low skill level could leverage the vulnerabilities.

AVEVA said users who have deployed Floating License Manager Version 2.3.0.0 and earlier to manage their Software Licensing for Vijeo Citect or Citect SCADA (Version 7.30 and later) could feel the impact.

Users should upgrade to Floating License Manager (FLM) Version 2.3.1.0 as soon as possible.

FLM Version 2.3.1.0 is already available via SESU (Schneider Electric Software Update tool).

Click here for further details.

Pin It on Pinterest

Share This