7-Technologies Interactive Graphical SCADA System (IGSS) versions 8 and 9 contain multiple vulnerabilities that could allow an unauthenticated, remote attacker to launch directory traversal attacks or execute arbitrary code on the targeted system.
A directory traversal vulnerability exists in the IGSSdataServer.exe process that could allow the attacker to gain unauthorized access or download arbitrary files. An attacker could exploit this vulnerability by supplying special characters to the vulnerable software.
A remote code execution vulnerability also exists in the IGSSdataServer.exe process that could allow the attacker to execute arbitrary code on the targeted system.
In addition to these vulnerabilities, multiple stack-buffer overflow vulnerabilities exist in the dc.exe process. An unauthenticated, remote attacker could exploit these vulnerabilities to execute arbitrary code or cause a denial of service condition on the targeted system.
Functional code that exploits this vulnerability is publicly available.
7-Technologies has not confirmed these vulnerabilities and updated software is not available.
ICS CERT has released a security advisory at the following link: ICS-ALERT-11-080-03
The Cisco Applied Intelligence team has created the following companion document to guide administrators in identifying and mitigating attempts to exploit this vulnerability prior to applying updated software: Cisco Applied Mitigation Bulletin: Identifying and Mitigating Disclosed SCADA System Vulnerabilities