
Organizations Notified of Remotely Exploitable Vulnerabilities in Aveva HMI, SCADA Products


Organizations using Aveva’s HMI and SCADA products have recently been informed of several potentially serious vulnerabilities. Last week, Aveva and CISA published security advisories regarding three vulnerabilities in the InTouch Access Anywhere HMI and Plant SCADA Access Anywhere products. One of the flaws, a high-severity path traversal vulnerability, was discovered by Jens Regel of the German cybersecurity firm Crisec. It allows an unauthenticated attacker with network access to the secure gateway to read files on the system outside the secure gateway web server's document root.
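The path traversal flaw described above is of the class where a web server maps a request path onto the filesystem without confirming that the result stays inside its document root. The following is an added illustration of the defensive check and a matching log-review routine; it is not Aveva's code and says nothing about how the Aveva gateway is implemented. The document root, the log lines and the function names are constructed for the example.

```python
import posixpath
import re
from urllib.parse import unquote

# Constructed example document root; not an Aveva installation path.
WEB_ROOT = "/srv/gateway/www"


def _decode(request_path: str) -> str:
    """Percent-decode twice so double-encoded traversal (%252e%252e) becomes visible."""
    decoded = unquote(unquote(request_path))
    # Treat backslashes as separators, as servers on Windows commonly do.
    return decoded.replace("\\", "/")


def resolve_request_path(web_root: str, request_path: str):
    """Return the filesystem path for request_path, or None if it escapes web_root.

    The key ordering is join first, normalize second: '..' segments are then
    resolved against the real root, and any path that climbs above it is rejected
    rather than silently clamped.
    """
    decoded = _decode(request_path)
    if "\x00" in decoded:  # NUL bytes can truncate paths in C-level file APIs
        return None
    root = posixpath.normpath(web_root)
    candidate = posixpath.normpath(posixpath.join(root, decoded.lstrip("/")))
    if candidate != root and not candidate.startswith(root + "/"):
        return None
    return candidate


# A '..' path segment after decoding, anchored at a separator or string boundary.
TRAVERSAL = re.compile(r"(^|/)\.\.(/|$)")


def flag_traversal_requests(log_lines):
    """Return request paths from Common Log Format lines that contain '..' segments.

    Decoding is applied before matching so that encoded forms of '..' are caught
    in the same pass as literal ones.
    """
    hits = []
    for line in log_lines:
        m = re.search(r'"[A-Z]+ (\S+) HTTP/', line)
        if not m:
            continue
        if TRAVERSAL.search(_decode(m.group(1))):
            hits.append(m.group(1))
    return hits


# Constructed access-log sample (not from any real system).
SAMPLE_LOG = [
    '10.0.0.5 - - [01/Jan/2024:00:00:00 +0000] "GET /index.html HTTP/1.1" 200 512',
    '10.0.0.9 - - [01/Jan/2024:00:00:01 +0000] "GET /%2e%2e/%2e%2e/etc/passwd HTTP/1.1" 200 1024',
    '10.0.0.9 - - [01/Jan/2024:00:00:02 +0000] "GET /static/../index.html HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for path in ["/index.html", "/static/../index.html", "/../../etc/passwd",
                 "/%2e%2e/%2e%2e/%2e%2e/etc/passwd"]:
        print(path, "->", resolve_request_path(WEB_ROOT, path))
    print("flagged:", flag_traversal_requests(SAMPLE_LOG))
```

A `..` that stays inside the root (`/static/../index.html`) is served normally by `resolve_request_path`, while `flag_traversal_requests` still reports it: a request that contains traversal sequences is worth a look during incident review even when the server handled it correctly.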

In addition to the path traversal vulnerability, two other flaws were identified. Both affect third-party components: a critical OpenSSL bug that can lead to denial-of-service (DoS) attacks or arbitrary code execution, and a medium-severity issue stemming from the use of a vulnerable version of jQuery. Software updates that patch all of these vulnerabilities are available from the vendor.

The UK’s National Cyber Security Centre (NCSC) has also recently been credited with finding a vulnerability in Aveva’s Plant SCADA and Telemetry Server products. This critical vulnerability could allow an unauthenticated attacker to remotely read data, cause a DoS condition, and tamper with alarm states. Advisories for this vulnerability have been published by both CISA and Aveva.

In conclusion, organizations using Aveva’s HMI and SCADA products should be aware of these potentially serious vulnerabilities, which can allow attackers to access sensitive information, cause DoS conditions, and tamper with alarm states. Software updates that patch all of them are available from the vendor and should be installed as soon as possible.

Key Points:

• Organizations using Aveva’s HMI and SCADA products have been informed of several potentially serious vulnerabilities.

• Three vulnerabilities have been identified in the InTouch Access Anywhere HMI and Plant SCADA Access Anywhere products: a high-severity path traversal vulnerability, a critical OpenSSL bug, and a medium-severity issue related to the use of a vulnerable version of jQuery.

• The UK’s National Cyber Security Centre (NCSC) has also been credited with finding a critical vulnerability in Aveva’s Plant SCADA and Telemetry Server products.

• Software updates that patch all of these vulnerabilities are available from the vendor and should be installed as soon as possible.
