Canary Labs Inc. has released a patch to mitigate an insecure ActiveX control method vulnerability in the company's Trend Link ActiveX control software, according to a report on ICS-CERT.
Canary Labs updated Trend Link, and Kuang-Chun Hung of the Security Research and Service Institute - Information and Communication Security Technology Center (ICST), who discovered the hole, tested the patch and verified that it mitigates the remotely exploitable vulnerability.
If exploited, an attacker could influence the paths or file names used in the software application. This could affect systems using Trend Link in the critical manufacturing and energy sectors in the United States, South America, and Europe.
Canary Labs reported that the vulnerability affects Trend Link Versions 188.8.131.52051 and prior. Successful exploitation of this vulnerability could result in a denial of service (DoS) or remote code execution.
Canary Labs is a U.S.-based company that has products deployed in 24 countries, including the United States, South America, and Europe.
The affected product, Trend Link, is a trending application for SCADA systems.
Trend Link uses an ActiveX control that contains an insecure ActiveX control method. The control loads from "TrendDisplay.dll" and exposes a method called "SaveToFile" that allows users to save arbitrary files to any location on the server hosting the control. This vulnerability could result in a DoS or allow remote code execution.
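A defender checking a host for this control needs to know whether TrendDisplay.dll is registered as a COM server and whether Internet Explorer's ActiveX kill bit is set for it. The following PowerShell is an added example, not from the advisory or from Canary Labs; it assumes only the DLL file name given above and reads the CLSIDs from the registry rather than hard-coding them.

```powershell
# Added example (not vendor code): find COM classes served by TrendDisplay.dll and
# report whether the IE ActiveX kill bit (Compatibility Flags bit 0x400) is set for each.
# The DLL name is taken from the advisory; no CLSID is assumed.
$dllName   = 'TrendDisplay.dll'
$killBit   = 0x400
$compatKey = 'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility'

function Get-TrendDisplayControls {
    Get-ChildItem -Path 'Registry::HKEY_CLASSES_ROOT\CLSID' -ErrorAction SilentlyContinue |
      ForEach-Object {
        $clsid  = $_.PSChildName
        # The default value of InprocServer32 is the path of the DLL that implements the class.
        $server = (Get-ItemProperty -Path "$($_.PSPath)\InprocServer32" -ErrorAction SilentlyContinue).'(default)'
        if ($server -and ($server -like "*$dllName")) {
            $progId = (Get-ItemProperty -Path "$($_.PSPath)\ProgID" -ErrorAction SilentlyContinue).'(default)'
            # A missing Compatibility Flags value means no kill bit has been applied.
            $flags  = (Get-ItemProperty -Path "$compatKey\$clsid" -Name 'Compatibility Flags' -ErrorAction SilentlyContinue).'Compatibility Flags'
            [pscustomobject]@{
                CLSID   = $clsid
                ProgId  = $progId
                Server  = $server
                KillBit = [bool]($flags -band $killBit)
            }
        }
      }
}

# Lists each registered control backed by the DLL; KillBit = False means browsers can still instantiate it.
Get-TrendDisplayControls | Format-Table -AutoSize
```

An empty result means the DLL is not registered on that host; a row with KillBit False on an unpatched version is the case to prioritise for the vendor update.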
CVE-2012-3022 is the number assigned to this vulnerability, which has a CVSS v2 base score of 7.9.
No known public exploits specifically target this vulnerability, but an attacker with medium skill could exploit this vulnerability.
Canary Labs published a customer notification concerning this vulnerability. Trend Link customers who wish to obtain the update and instructions on how to apply it should contact Canary Labs product support at firstname.lastname@example.org.