English
The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service. Internet threat level: 1

Schneider Electric Accutech Manager HTTP Request Processing Buffer Overflow Vulnerability


Secunia ID

SA52034

CVE-ID

CVE-2013-0658

Release Date

31 Jan 2013

Last Change

08 Jan 2014

Criticality

Moderately Critical

Solution Status

Vendor Patch

Software

Schneider Electric Accutech Manager 2.x

Where

From local network

Impact
System access

This covers vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user.

Description

A vulnerability has been reported in Schneider Electric Accutech Manager, which can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to a boundary error within RFManagerService.exe when processing HTTP requests and can be exploited to cause a heap-based buffer overflow by sending a specially crafted GET request with more than 260 bytes to TCP port 2537.

Successful exploitation may allow execution of arbitrary code.

The vulnerability is reported in versions 2.00.1 and prior.

Solution

Update to a version later than 2.00.1 (please see the vendor's advisory for details).

Reported by

The vendor credits Aaron Portnoy, Exodus Intelligence.

Original Advisory

Schneider:
http://www.schneider-electric.com/sites/corporate/en/support/cybersecurity/viewer-news.page?c_filepath=/templatedata/Content/News/data/en/local/cybersecurity/general_information/2013/01/20130121_advisory_of_vulnerability_affecting_accutech_manager_software.xml

SEVD 2013-021-01:
http://download.schneider-electric.com/files?p_File_Id=35974872&p_File_Name=SEVD-2013-021-01A.pdf
http://download.schneider-electric.com/files?p_File_Id=36024724&p_File_Name=SEVD-2013-021-01A.pdf