WECON is working on a fix for buffer overflow vulnerabilities in its LeviStudio software, according to a report on ICS-CERT.
All versions of LeviStudio suffer from the vulnerabilities, discovered by Independent security researchers Rocco Calvi and Brian Gorenc, working with Trend Micro’s Zero Day Initiative.
Successful exploitation of these vulnerabilities may allow remote code execution.
WECON is a China-based company and the affected product, LeviStudio, is an HMI programming software.
LeviStudio sees use across several sectors including chemical, critical manufacturing, and energy. WECON estimates this product sees action primarily used in Asia.
Specific flaws in the handling of some files may allow an attacker to cause a heap-based buffer overflow and execute code in the context of the running process.
CVE-2016-4533 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 5.3.
In addition, specific flaws in the handling of some files may allow an attacker to cause a stack-based buffer overflow and execute code in the context of the running process.
CVE-2016-5781 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 5.3.
These vulnerabilities are not exploitable remotely and cannot be exploited without user interaction. The exploit only triggers when a local user runs the vulnerable application and loads the malformed file or visits a malicious web site.
No known public exploits specifically target these vulnerabilities.
An attacker with low skill would be able to exploit these vulnerabilities. Crafting a working exploit for these vulnerabilities would not be difficult; however, social engineering is mandatory to convince the user to accept the malformed file or visit a malicious web site. This decreases the likelihood of a successful exploit.
WECON has not released a product fix to address the buffer overflow vulnerabilities in the LeviStudio software. WECON said they are planning to release a product fix.