News
[Security] | Thursday 8th May 2008
Computerised Supervisory Control And Data Acquisition (SCADA) systems are used to control various machinery in factories and other industrial complexes. Around a third of these locations use the SuiteLink Service software from WonderWare, which has sold some 500,000 licences.
"A vulnerability was found in Wonderware SuiteLink Service (slssvc.exe) that could allow an un-authenticated remote attacker with the ability to connect to the SuiteLink service TCP port to
By sending a malicious packet to the TCP port of a system running SuiteLink Service, an attacker can cause an access violation error, which would cause the system to shut down entirely.
"Due to a lack of error-checking for the result of the memory allocation operation, the program later tries to use the pointer as a destination for memory copy operation, triggering an access violation error and terminating the service," claims the Core Security advisory.
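The bug class the advisory describes, shown as an added example beside its corrected form. This is a constructed message-copy routine, not SuiteLink's code; the function names, the injectable allocator and the 4096-byte size cap are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_MSG_LEN 4096u /* assumed protocol limit, not from the advisory */

typedef void *(*alloc_fn)(size_t);

/* Constructed allocator that always fails, simulating memory exhaustion. */
void *failing_alloc(size_t n) { (void)n; return NULL; }

/* Vulnerable pattern: the allocation result is used without a check, so a
   failed allocation turns memcpy into a write through a NULL pointer. */
uint8_t *copy_msg_unchecked(alloc_fn alloc, const uint8_t *src, uint32_t len)
{
    uint8_t *buf = alloc(len);
    memcpy(buf, src, len); /* access violation when buf == NULL */
    return buf;
}

/* Hardened form: 0 = copied, -1 = length rejected, -2 = allocation failed. */
int copy_msg_checked(alloc_fn alloc, const uint8_t *src, size_t avail,
                     uint32_t len, uint8_t **out)
{
    *out = NULL;
    if (len == 0 || len > MAX_MSG_LEN || len > avail)
        return -1; /* refuse sizes the protocol never needs */
    uint8_t *buf = alloc(len);
    if (buf == NULL)
        return -2; /* drop this message, keep the service running */
    memcpy(buf, src, len);
    *out = buf;
    return 0;
}

int main(void)
{
    const uint8_t msg[] = { 'p', 'i', 'n', 'g' }; /* constructed sample */
    uint8_t *out;
    int rc = copy_msg_checked(failing_alloc, msg, sizeof msg, 4, &out);
    printf("allocation failure handled, rc=%d\n", rc);
    rc = copy_msg_checked(malloc, msg, sizeof msg, 4, &out);
    printf("normal copy, rc=%d\n", rc);
    free(out);
    return 0;
}
```

The checked version turns a failed allocation into an error code for one message instead of a crash of the whole service, and the size cap keeps a single request from asking for an unreasonable amount of memory in the first place.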
Wonderware, a division of Invensys, has posted a patch, which will prevent attacks using this approach once installed. However, it could be some time before all 500,000 users update their software.
"A potential denial of service issue on an insecure network which could have been instigated by a hostile internal user has been addressed in SuiteLink 2.0 Patch 01," explains a statement from Wonderware.

