ICSA-15-293-02: InetNet SCADA Web Server Vulnerabilities (RCE/Path Traversal) CVE-2015-1001/1002/1003

Key Information Summary Vulnerability Overview Title: InetNet Solutions SCADA Web Server Vulnerabilities Alert Code: ICSA-15-293-02 Release Date: August 27, 2018 Affected Products Affected Versions: InetNet Solutions GmbH’s SCADA Web Server, versions prior to 2.02 Impact Successful exploitation could lead to file manipulation and deletion, execution of arbitrary code, and denial-of-service attacks. Vulnerability Details 1. Stack Overflow (CVE-2015-1001) - Lack of buffer size checking during HTTP request field parsing may allow remote code execution or denial of service. 2. Improper Handling of URL Encoding (CVE-2015-1002) - When input is URL-encoded, security features may be bypassed, enabling unauthorized file operations. 3. Path Traversal (CVE-2015-1003) - External input can be used to construct file and directory paths, potentially allowing reading of arbitrary OS files. Exploitation Remotely Exploitable Known Public Exploits: None Attack Difficulty: Low-skilled attackers can exploit Mitigation Measures InetNet Solutions GmbH has released version 2.02, which mitigates the identified vulnerabilities. Recommended Actions: - Isolate affected systems - Implement command whitelisting policies - Utilize proper network segmentation and firewall configurations - Limit network exposure appropriately - Establish a defense-in-depth strategy Summary This is an advisory regarding three vulnerabilities identified in the InetNet Solutions SCADA Web Server, involving stack overflow, improper URL encoding handling, and path traversal. These vulnerabilities can be exploited remotely and pose significant risks. The vendor has released a patched version (2.02), and additional mitigation measures are recommended to reduce risk.

Goal Reached Thanks to every supporter — we hit 100%!

ICSA-15-293-02: InetNet SCADA Web Server Vulnerabilities (RCE/Path Traversal) CVE-2015-1001/1002/1003