The vulnerabilities found in such companies' products include:
- AzeoTech DAQFactory Stack Overflow
- Beckhoff TwinCAT 'TCATSysSrv.exe' Network Packet Denial of Service Vulnerability
- Cogent DataHub Multiple Vulnerabilities
- Measuresoft ScadaPro Multiple Vulnerabilities
- Progea Movicon Multiple Vulnerabilities
- Rockwell RSLogix Overflow Vulnerability
The following is a breakdown of the individual vulnerabilities found in the above systems:
- AzeoTech DAQFactory Stack Overflow: There is one stack overflow vulnerability with PoC exploit code affecting AzeoTech DAQFactory, a SCADA/HMI product. The vulnerability is exploitable via a service running on Port 20034/UDP, according to the report.
DAQFactory is SCADA and HMI software used in multiple industries including water, power, and manufacturing. DAQFactory installations are primarily located in the United States and Europe.
- Beckhoff TwinCAT 'TCATSysSrv.exe' Network Packet Denial of Service Vulnerability: There is a vulnerability with PoC exploit code affecting Beckhoff TwinCAT, a SCADA/HMI product. Services running on Port 48899/UDP are vulnerable, according to the report.
Beckhoff TwinCAT is a software system capable of controlling multiple PLCs in a system. This system sees use in industries including manufacturing, energy, water and wastewater, and building automation.
Beckhoff’s headquarters is in Verl, Germany.
- Cogent DataHub Multiple Vulnerabilities: There are four vulnerabilities with PoC exploit code affecting Cogent DataHub. The vulnerabilities are remotely exploitable through the following ports: Stack Overflow, Remote – Ports 4052 and 4053; Integer Overflow, Remote – Port 80; Directory Traversal, Remote – Port 80; and Information Exposure, Remote – Port 80.
Cogent DataHub is SCADA management software that sees use in industries including manufacturing, energy, financial, and pharmaceuticals.
- Measuresoft ScadaPro Multiple Vulnerabilities: There are multiple vulnerabilities with PoC exploit code affecting Measuresoft ScadaPro. The vulnerabilities are remotely exploitable through Port 11234/UDP, according to the report.
ScadaPro is a SCADA system used in power generation, oil and gas, pharmaceuticals, and manufacturing.
Measuresoft Development Ltd. has headquarters in Louth, Ireland with an office in Missouri City, Texas.
- Progea Movicon Multiple Vulnerabilities: There are three vulnerabilities with PoC exploit code affecting Progea Movicon PowerHMI Version 11, a SCADA/HMI product.
Movicon 11 is an HMI development system that uses a web-enabled architecture based on Java, including drivers for PLCs. PowerHMI Version 11 is based on SCADA HMI Movicon Version 11.
Movicon sees use primarily in Italy with a small percentage of installations in other European countries.
- Rockwell RSLogix Overflow Vulnerability: There is an overflow vulnerability with PoC exploit code affecting the Rockwell RSLogix 19. Services running on Port 4446 are vulnerable to a memory overflow, according to this report. Rockwell Automation provides industrial automation control and information products worldwide, across a wide range of industries. The Rockwell RSLogix family is a group of ladder logic programming packages that operates on Microsoft Windows operating systems. RSLogix 5 supports the Allen-Bradley PLC-5 family of programmable controllers.
- PoC: Proof-of-Concept
- SCADA: Supervisory Control and Data Acquisition
- HMI: Human-Machine Interface
- PLC: Programmable Logic Controller