Critical vulnerabilities in industrial solutions Elcomplus, manufacturer of radiocommunication and industrial automation products

Cybersecurity specialists report the detection of a series of vulnerabilities in Elcomplus SmartPPT SCADA, an integrated voice and data dispatch software. According to the report, successful exploitation of the flaw would allow threat actors to deploy multiple hacking variants.

Below are brief reports of the detected flaws, in addition to their respective security keys and scores assigned according to the Common Vulnerability Scoring System (CVSS).

CVE-2021-43932: Incorrect neutralization of entries during the generation of a web page would allow threat actors to inject JavaScript code into a specific parameter that can be executed when accessing the dashboard or home page.

The flaw received a CVSS score of 9/10.

CVE-2021-43939: Incorrect authorization in the affected application would allow authenticated users to access higher-level authorization and issue requests directly to specific endpoints.

The flaw received a CVSS score of 8.8/10.

CVE-2021-43934: Unrestricted file uploading would allow malicious users to access affected systems.

The flaw received a CVSS score of 9.8/10 and is considered a high severity error.

CVE-2021-43930: The backup and restore system does not properly validate download requests, allowing malicious users to download arbitrary files from the system.

This is a low-severity vulnerability and received a CVSS score of 4.6/10.

According to the report, the faults reside in SmartPPT SCADA v1.1.

The flaws were publicly disclosed through the U.S. Cybersecurity and Infrastructure Security Agency (CISA), which issued a set of recommendations to mitigate exploitation risk, including:

  • Reduce network exposure as much as possible for all devices or systems in the control system
  • Identify networks of control systems and remote devices behind firewalls and isolate them from commercial networks
  • Use tools such as VPN solutions for remote access to critical security implementations 

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.