Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:21310
HistoryFeb 05, 2009 - 12:00 a.m.

C4 SCADA Security Advisory - AREVA e-terrahabitat / e-terraplatform Multiple Vulnerabilities

2009-02-0500:00:00
vulners.com
40
JSON

Background

Vendor product information, from www.areva-td.com :
AREVA T&D solution for real-time energy management systems; this suite of
software products can be configured to meet your specific needs and
business function. Transmission companies, Generation owners, Independent
System Operators and vertically integrated utilities can all benefit from
the
new features and functionality of e-terraplatform. All configurations of
eterraplatform
share a robust, portable and flexible foundation: highly available
real-time database, a high performance user interface, a comprehensive
modeling environment and a historical information system.

Description

Due to the sensitivity of SCADA security vulnerabilities, we can only
publicly disclose that multiple elements of the e-terraplatform suffer from
multiple vulnerabilities ranging from Denial of Service to Privilege
Escalation.
Details of these vulnerabilities will be disclosed only to legitimate
parties such as asset owners (utilities), after receiving the approval of
the local CERT or any other local official entity.

Impact

An attacker can exploit these vulnerabilities in order to:

  1. Halt the system's operation (Denial of Service)
  2. Gain unauthorized access with high privileges to the system
  3. Leverage these vulnerabilities to attempt to find additional
    vulnerabilities in the server to carry out the "corporate network to control
    center" and "field to control center" attack vectors mentioned in C4's S4
    2008 paper "Control System Attack Vectors and Examples: Field Site and
    Corporate Network"
    <http://www.c4-security.com/SCADA&#37;20Security&#37;20-&#37;20Attack&#37;20Vectors.pdf&gt; .

Affected Versions

e-terrahabitat version 5.5.x
e-terrahabitat version 5.6.x
e-terrahabitat version 5.7.x

Workaround/Fix

The vendor issued a security patch to address these vulnerabilities.

Additional Information

For additional information please contact us at info_at_c4-security.com.
Note that we will respond only to verified utility personnel and
governmental agencies.
Details of this vulnerability will be disclosed only to legitimate parties
such as asset owners (utilities), after receiving the approval of the local
CERT or any other local official entity.

The CVE identifiers assigned to these vulnerabilities by CERT are:
CVE-2009-0211
CVE-2009-0212
CVE-2009-0213
CVE-2009-0214

Credit

These vulnerabilities were discovered and exploited by Jonathan Afek and
Eyal Udassin from C4 Security (http://www.c4-security.com).
C4 Security is a leader in SCADA security reviews, auditing and penetration
testing.

Regards,

Eyal Udassin - C4
33 Jabotinsky St. The Twin Towers #1, Ramat Gan, Israel
[email protected] / <http://www.c4-security.com/&gt;
+972-547-684989

Related

packetstorm 1
securityvulns 1
cert 1
prion 4
cve 4
packetstorm
packetstorm
E-TerraHabitat Privilege Escalation / DoS
2009-02-05 00:00:00
securityvulns
securityvulns
AREVA T&amp;D e-terrahabitat multiple security vulnerabilities
2009-02-05 00:00:00
cert
cert
AREVA e-terrahabitat SCADA systems vulnerabilities
2009-02-05 00:00:00
prion
prion
Code injection
2009-02-08 22:30:00
Code injection
2009-02-08 22:30:00
Code injection
2009-02-08 22:30:00
cve
cve
CVE-2009-0212
2009-02-08 22:30:00
CVE-2009-0214
2009-02-08 22:30:00
CVE-2009-0213
2009-02-08 22:30:00
JSON
Related for SECURITYVULNS:DOC:21310
packetstorm1securityvulns1cert1prion4cve4