Once again, a Schneider Electric development is affected by security flaws. Cloud computing security specialists have revealed the presence of at least four critical vulnerabilities in the EcoStruxure Operator Terminal Expert product, which could allow SQL injection, among other risk scenarios.
Below is a brief overview of the four reported flaws, in addition to their respective scores and identification keys in the Common Vulnerability Scoring System (CVSS).
CVE-2020-7493: This flaw allows remote threat actors to execute arbitrary SQL queries against an exposed database. The flaw exists due to insufficient disinfection of user input when parsing parameters to “load_extension”.
A remote hacker should only trick a target user into opening a specially crafted VXDZ file so that they can execute arbitrary SQL commands within the application database. Successfully exploiting this vulnerability would allow the attacker to read, delete, or modify data in the database and gain complete control over the affected application.
The flaw received a score of 7.7/10 on the CVSS scale, so it is considered a high-gravity error, cloud computing security experts mention.
CVE-2020-7494: This flaw allows attackers to compromise a vulnerable system due to the signature on which VXDZ files are handled, as the application loads DLL libraries unsafely. Malicious hackers could trick the victim into opening a specially crafted .dll file and thus executing arbitrary code on the target system.
The vulnerability received a score of 8.3/10 on the CVSS scale, so it is considered a high-gravity error. Cloud computing security experts point out that, so far, no exploit has been reported to deploy this attack.
CVE-2020-7495: This flaw allows remote threat actors to perform directory scaling attacks and exists due to an inbound validation error when processing directory streams. A remote threat actor can trick the victim into opening a specially crafted ZIP file and gaining unauthorized write access outside the expected path folder.
The flaw received a score of 3.8/10 on the CVSS scale, so it is considered a reduced severity error. There is no exploit to complete this attack.
CVE-2020-7496: This vulnerability allows a remote attacker to gain write access to the system. The vulnerability exists due to the problem of injection or modification of the argument. A remote attacker can trick a victim into opening a specially crafted project file and gaining unauthorized write access to the target system.
The flaw also received a score of 3.8/10 on the CVSS scale.
Although there are no exploits for these vulnerabilities, the International Institute of Cyber Security (IICS) recommends that vulnerable deployment administrators upgrade their systems as soon as possible.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.