Multiple DLL hijacking vulnerabilities have been identified in a software component used in Rockwell Automation’s FactoryTalk View Studio and the FactoryTalk Services Platform.
The vulnerable products are used worldwide for designing and operating industrial control systems (ICS) in a wide range of industries, including chemical, critical manufacturing, commercial facilities, government facilities, and energy.
According to an advisory published by ICS-CERT, the vulnerabilities (CVE-2014-9209) are related to an uncontrolled search path element. An attacker can exploit the weaknesses to gain access to the affected system with the privileges of the vulnerable application.
However, exploiting the vulnerability remotely is not easy because it requires a lot of social engineering. The attacker must convince the victim to accept a specially crafted DLL file and load it on the targeted machine.
The vulnerabilities affect FactoryTalk Services Platform versions prior to 2.71.00, and FactoryTalk View Studio version 8.00.00 and earlier. Rockwell Automation has released a patch (available to registered customer) to address the flaws.
The security holes were identified and reported by Argentina-based researcher Ivan Sanchez. This isn’t the first time the expert finds vulnerabilities in ICS products. He discovered similar flaws in products from Siemens, Schneider Electric, and the South Korea-based automation solutions provider Cimon, Inc.