vendor:
ClearSCADA
by:
Jeremy Brown
7.5
CVSS
HIGH
Authentication Bypass
CWE
Product Name: ClearSCADA
Affected Version From: ClearSCADA 2010R1
Affected Version To:
Patch Exists: YES
Related CWE:
CPE:
Platforms Tested: Windows
2010
ClearSCADA Remote Authentication Bypass Exploit
There is an authentication bypass vulnerability in ClearSCADA that can be exploited by triggering an exception in dbserver.exe and taking advantage of the way the program handles it. When an exception occurs, ClearSCADA enters "Safe Mode" which exposes its diagnostic functions to remote users without requiring a valid login. A remote attacker could view sensitive information and possibly modify functions of the server running on the affected host.
Mitigation:
Apply the fix provided by the vendor: http://ics-cert.us-cert.gov/advisories/ICSA-11-173-01