3 unpatched zero-day vulnerabilities in Schneider Electric GUIcon affect SCADA systems and critical infrastructure

Cybersecurity specialists report three vulnerabilities in GUIcon Eurotherm, a configuration tool developed by Schneider Electric. According to the report, successful exploitation of the flaws could lead to dangerous scenarios, especially because patches are not yet available.

Below are brief descriptions of the detected flaws, together with their CVE identifiers and the scores assigned under the Common Vulnerability Scoring System (CVSS).

CVE-2021-22807: A boundary error (out-of-bounds write) when loading a malicious *.gd1 configuration file into the vulnerable tool would allow a threat actor to achieve arbitrary code execution.

This is a high-severity vulnerability with a CVSS score of 8.1/10, since successful exploitation would allow full compromise of the target system.

CVE-2021-22808: A use-after-free error when loading malicious files would allow arbitrary code execution on the affected system.

This flaw also received a CVSS score of 8.1/10.

CVE-2021-22809: A boundary condition (out-of-bounds read) when loading malicious *.gd1 configuration files into the vulnerable tool would allow an attacker to read the contents of the tool's memory or cause a denial of service (DoS).

This is a medium-severity flaw with a CVSS score of 5/10.
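Two of the three flaws are the classic file-parser bugs: a length field taken from the file is trusted, so a crafted file either writes past a fixed-size buffer (code execution) or reads past the end of the input (memory disclosure or crash). The following is an added example written for this article; it is not GUIcon's code, and the record layout it parses (a one-byte length followed by a name) is a constructed stand-in, since the real *.gd1 format is not documented here. It shows the unchecked pattern beside the hardened one so the two checks that prevent each bug class are visible.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed record layout (hypothetical, not the real .gd1 format):
 *   byte 0      : length of the tag name
 *   bytes 1..N  : the tag name, N = byte 0
 */
#define NAME_MAX 16

struct tag {
    char name[NAME_MAX];
    uint8_t name_len;
};

/* Unchecked pattern, for illustration only: the length byte is trusted.
 * A file with len > NAME_MAX overflows out->name (out-of-bounds write,
 * the CVE-2021-22807 bug class); a file shorter than len makes memcpy
 * read past the end of data (out-of-bounds read, the CVE-2021-22809
 * bug class). Never call this on untrusted input. */
int parse_tag_unchecked(const uint8_t *data, size_t size, struct tag *out) {
    (void)size;                       /* size is ignored: that is the bug */
    uint8_t len = data[0];
    memcpy(out->name, data + 1, len); /* no check against NAME_MAX or size */
    out->name_len = len;
    return 0;
}

/* Hardened version: every length derived from the file is validated
 * against both the destination capacity and the bytes actually present.
 * Returns 0 on success, a negative code identifying the rejected case. */
int parse_tag_checked(const uint8_t *data, size_t size, struct tag *out) {
    if (data == NULL || out == NULL || size < 1)
        return -1;                    /* no length byte to read */
    uint8_t len = data[0];
    if (len > NAME_MAX)
        return -2;                    /* would overflow out->name (OOB write) */
    if ((size_t)len > size - 1)
        return -3;                    /* would read past the input (OOB read) */
    memset(out, 0, sizeof *out);
    memcpy(out->name, data + 1, len);
    out->name_len = len;
    return 0;
}

int main(void) {
    /* Constructed sample records, embedded so the example runs offline. */
    const uint8_t good[]      = {4, 'T', 'e', 'm', 'p'};   /* well formed */
    const uint8_t too_long[]  = {200, 'x'};                /* len > NAME_MAX */
    const uint8_t truncated[] = {8, 'a', 'b'};             /* len > bytes present */
    struct tag t;

    printf("good      -> %d\n", parse_tag_checked(good, sizeof good, &t));
    printf("name      -> %.*s\n", t.name_len, t.name);
    printf("too_long  -> %d\n", parse_tag_checked(too_long, sizeof too_long, &t));
    printf("truncated -> %d\n", parse_tag_checked(truncated, sizeof truncated, &t));
    return 0;
}
```

The `too_long` record is exactly the shape of input that would corrupt the stack or heap in the unchecked parser, and `truncated` is the shape that would leak adjacent memory or crash the tool; the checked parser refuses both before touching memory. The use-after-free in CVE-2021-22808 is a different class (an object lifetime error, not a length error), so bounds validation alone would not address it.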

According to the report, the flaws affect GUIcon Eurotherm version 2.0.683.003.

All three flaws are triggered when the tool parses a crafted file, so an attacker needs no credentials for GUIcon but does need a user to open a malicious *.gd1 file, for example one delivered by email or placed on a shared drive. The good news is that so far no security incidents related to these reports have been detected. Still, administrators of vulnerable deployments are encouraged to limit their exposure (treat configuration files from untrusted sources as hostile and keep the engineering workstations that run GUIcon off networks reachable from the internet) and to stay on top of the release of updates.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.