Vulnerability Note VU#343971
ABB PCU400 vulnerable to buffer overflow
Overview
ABB PCU400 contains a vulnerability which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system.
Description
The ABB PCU400 application serves as a communication gateway between RTUs that use the IEC-870-5-104 protocol and the SCADA server. The diagnostic web application contains a software flaw that allows an attacker to gain full access to the PCU400 server by sending a specially crafted packet to the X87 web interface on TCP port 8087. Note that this issue affects PCU400 installations running the IEC60870-5-101/104 protocol based on X87.
Impact
A remote attacker may be able to execute arbitrary code with the privileges of the account running the x87 application.
Solution
Upgrade or Patch
Restrict Access
Systems Affected
| Vendor | Status | Date Notified | Date Updated |
|---|---|---|---|
| ABB | Vulnerable | - | 03 Mar 2009 |
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | N/A | N/A |
| Temporal | N/A | N/A |
| Environmental | N/A | N/A |
References
- http://www.digitalbond.com/wiki/index.php/ABB_PCU400_Remote_Buffer_Overflow
- http://www.securityfocus.com/archive/1/496739/30/0/threaded
Credit
This issue was reported by Eyal Udassin and Idan Ofrat of C4 Security.
This document was written by Chris Taschner.
Other Information
- CVE IDs: CVE-2008-2474
- Date Public: 25 Sep 2008
- Date First Published: 25 Sep 2008
- Date Last Updated: 03 Mar 2009
- Severity Metric: 3.28
- Document Revision: 22
This product is provided subject to the Notification as indicated here: http://www.us-cert.gov/legal.html#notify