Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT Security Bulletin ASB-2013.0053 Important security notification - Schneider Electric Serial Modbus Driver Vulnerability 11 April 2013 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Schneider Electric Modbus Serial Driver Operating System: Windows Impact/Access: Execute Arbitrary Code/Commands -- Remote/Unauthenticated Denial of Service -- Remote/Unauthenticated Resolution: Patch/Upgrade Member content until: Saturday, May 11 2013 OVERVIEW A vulnerability has been identified in Schneider Electric's Modbus Serial driver. [1] IMPACT The vendor has stated the following: "Under certain conditions, which would require a multi-step process, an internal buffer overflow condition could be created. An attacker could gain control of the program flow and execute arbitrary code with the permissions of the user running any of the software products listed below. Windows Platform and Modbus Serial Driver version Windows OS version Modbus Serial Driver XP 32 bit V1.10 IE v37 Vista 32 bit 2.2 IE12 Windows 7 32 bit 2.2 IE12 Windows 7 64 bit 3.2 IE12 Schneider Electric Product and version Product Version TwidoSuite 2.31.04 and prior PowerSuite 2.6 and prior SoMove V1.7 and prior SoMachine V2.0, V3.0, V3.1, V3.0 XS Unity Pro V7.0 and prior UnityLoader V2.3 and prior Concept V2.6 SR7 and prior ModbusCommDTMsl V2.1.2 and prior PL7 V4.5 SP5 and prior SFT2841 V14; V13.1 and prior OFS V3.50 and prior" [1] MITIGATION The vendor has stated the following: "Schneider Electric will fix this issue in the next released version of the ModbusDriverSuite on or around May 17th 2013. This new release will be implemented into each Software product from the list above in order to close the vulnerability. If the updated Software Product is not available, customers may contact Schneider Electric support personnel to get the new ModbusDriverSuite as separate installable." [1] REFERENCES [1] Important security notification - Schneider Electric Serial Modbus Driver Vulnerability http://download.schneider-electric.com/files?p_File_Id=47991052&p_File_Name=SEVD-2013-070-01.pdf AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBUWdf0O4yVqjM2NGpAQJ4AxAArnG5uASFkLmOLjiZdS2waHUlVESSRTed BYolhBBwXkoekvvBp3sqvW0NzSCqbdhiPhsXotvByqzjfwh1RtZU5bOERS+U7kSR X2UzFs1PyzKr36MxTLhty2xylkzm5pxFwz6UGav7Vl9uRMtg5mmmLvyua1TB7AfV 5+4kZewidDpRaZYjiJpe96POz01dnDs3Cdd2c57nq0Ca/iJXfnUCn2hJpYO1LDhl ORs+r3DEQeVtgRaItHV2ByLRXeQzRkX9/sPrrzGeE34pIggkwGpTGx9yb5T54CkQ 1K9U4fYlnAwqGMRD4atMVo+YXOJNBjLVOY//I5z+NDYWVe6aFK0uXmkJhp2Ani8C ihBci7hOKy0TL1zjENp2TRy8+tKrlQUb/YduwTe1GcGwbAPYPwADh25VnCOZlBuQ SxBW85T3KElU4Io9t4hmmLmBtZDNf3noaZrnXXkpqlOUsIXQ+gYXm7iIHX5hD56A gcBI2HyeOknh6SCMt9ZMFC3EYoenj7ZGNS53FP0N7uC/JTrH8vaRMs7rB0yTS/h5 ocxZWXtns0QX2/Vkle/JnEiiO8DHLr6olEYebzCb7rrRWifxKM1HGXKOjoVcabLv vi2MJOFHIFlSA0aEcnh1Cukn9Wx8K+gQtejk4KP1cUmSg0kory93u/JC4sWTWp1/ 4qqMhLp9iZE= =DGbS -----END PGP SIGNATURE-----