Yokogawa patches widespread SCADA vulnerability
Networking process crashed by crafted packets
One of the world's major suppliers of industrial networking kit, Japanese company Yokogawa, has alerted the world to a vulnerability in 21 of its products.
The ICS-CERT advisory, here, identifies the company's CENTUM, ProSafe-RS, STARDOM, FAST/TOOLS and other systems as being at risk.
The vulns are “stack-based buffer overflow vulnerabilities”, the advisory states.
The overflows are in systems both with a Windows interface, and with embedded versions (such as the ProSafe's human-machine interface).
There are two denial-of-service vulnerabilities that can be triggered by a remote attacker by sending a crafted packet to “the process that executes over network communications”, cutting off communications to the targeted system.
More seriously, the network communication process can also be crashed by a crafted packet allowing the attacker to execute arbitrary code.
In its own advisory, Yokogawa says some of the products' latest releases are already available, and others will be patched.
The vulnerable process is only present in kit on the process control network (PCN), the company says, meaning that an attack wouldn't impact on business IT on the same network.
Industrial systems that are properly isolated from the Internet aren't at risk, the company says. ®