Heads up on a Big Security Issue with WW and SuiteLink
Straight from the Overview on the linked document:
Invensys is aware that a denial of service type vulnerability, including exploit code, has been posted on the web against the Wonderware SuiteLink service, which is a common component of the System Platform and used to transport value, time and quality of digital I/O information and extensive diagnostics with high throughput between industrial devices, 3rd party and Wonderware products.
Invensys has confirmed the vulnerability exists for Wonderware products prior to the latest 2012 release and has identified mitigations for other products and prior versions. Please see the affected product list below. The 54.0.0.0 and older versions of the SLSSVC Service can be crashed remotely due to a long and unallocatable Unicode string when calling the internal _Grow() function. Version 58.0.0.0 and higher is not susceptible to this vulnerability. The SuiteLink version shipped with InTouch 2012 and WAS 2012 is not vulnerable to a crash but will show excessive resource consumption if exploited.
Invensys is preparing a Security Update that mitigates the identified denial of service vulnerability and can be installed on all supported versions of Wonderware products that use the SuiteLink service. Since this is a common component, Wonderware recommends the installation of this security update on all Wonderware product nodes that use SuiteLink communication.
To get all the details, follow this link below.
Or, if you are sufficiently paranoid and don’t trust clicking on arbitrary links (good for you), this is the top item on the list when you log in to WDN.
- Andy


Andy,
You should also let your readers know that they will not have any issues and are not at risk if they are using System Platform but not communicating via SuiteLink to IO Sources. If they use OPC they have nothing to worry about as the IAS to InTouch and IAS to History do not use SuiteLink.
Rich
Andy,
Just an update on this: it looks like Wonderware has released a new Service Pack for SuiteLink which is meant to address this:
https://wdnresource.wonderware.com/support/patchfixes/1/Readme_SLSSVC20SP2.html
-Dillon