SCADA Vulnerabilities & Exposures (SVE)

CRITIFENCE® SCADA Vulnerabilities and Exposures Database (SVE)

[SVE-899560623] Rockwell Automation Connected Components Workbench

Date Type Platform Author EDB-ID CVE-ID OSVDB-ID Download App SIS Signature
2017-03-21 | Other | Rockwell Automation | Ivan Sanchez reported this vulnerability. | N/A | CVE-2017-5176 | N/A | N/A | N/A

Source

#
# Rockwell Automation Connected Components Workbench
#


### VULNERABLE VENDOR
Rockwell Automation


### VULNERABLE PRODUCT
Connected Components Workbench



### RESEARCHER
Ivan Sanchez reported this vulnerability.



### AFFECTED PRODUCTS

The following versions of Connected Components Workbench (CCW), a software configuration platform, are affected:

Connected Components Workbench - Developer Edition, v9.01.00 and earlier.
9328-CCWDEVENE,
9328-CCWDEVZHE,
9328-CCWDEVFRE,
9328-CCWDEVITE,
9328-CCWDEVDEE,
9328-CCWDEVESE, and
9328-CCWDEVPTE.
Connected Components Workbench - Free Standard Edition (All Supported Languages), v9.01.00 and earlier.



### IMPACT

Successful exploitation of this vulnerability could range from a denial of service (DoS) to the injection of malicious code into trusted processes, depending on the content of the DLL and the risk mitigations in place by the victim.



### VULNERABILITY OVERVIEW

DLL HIJACKING CWE-427
Certain DLLs included with versions of CCW software can potentially be hijacked, allowing an attacker to gain rights to a victim's affected personal computer.
Such access rights can be at the same or potentially higher level of privileges as the compromised user account, including and up to computer administrator privileges.
CVE-2017-5176 has been assigned to this vulnerability.
A CVSS v3 base score of 7.0 has been assigned; the CVSS vector string is (AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H).





### BACKGROUND

Critical Infrastructure Sectors: Commercial Facilities, Defense Industrial Base, Energy, and Government Facilities
Countries/Areas Deployed: Globally
Company Headquarters Location: Milwaukee, Wisconsin




### MITIGATION

Rockwell Automation has released new versions of Connected Components Workbench, Version 10.00 and Version 10.01 (all supported languages), which address the identified vulnerability.

Rockwell Automation recommends updating to the latest version of Connected Components Workbench, Version 10.00 or later, which is available at the following location:

http://compatibility.rockwellautomation.com/Pages/MultiProductFindDownloads.aspx?crumb=112&refSoft=1&toggleState=&versions=55834,55972


For more information on this vulnerability and more detailed mitigation instructions, please see the Rockwell Automation advisory titled "Connected Components Workbench Software Dynamic Link Library (DLL) Hijack", Version 1.0, February 16, 2017, at the following location:

https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1030688