Honeywell Falcon Administrative Bypass

Posted Oct 1, 2014
Authored by Martin Jartelius | Site outpost24.com

Honeywell Falcon suffers from a vulnerability that allows anyone to login as the administrator without prior knowledge of any username or password.

tags | advisory, bypass
advisories | CVE-2014-2717
SHA-256 | 38330e824709e2c82d60c63e425dfc961fdac2c05ddd5ba2bd7656c5ec7730c2

After giving the market two extra months for patching, and after
contacting some of the affected national CERTs, Outpost24 today released
the vulnerability details for CVE-2014-2717.

The vulnerability consists of a missing access restriction in
combination with a flawed login function. Together they result in
something as exotic as a pass-the-hash attack against a SCADA system:
the stored credential material is sufficient to authenticate, and the
resulting session has administrative access.

TL;DR: The Honeywell Falcon (XLWeb Linux/Webserver) contains a
vulnerability which allows anyone, even without knowing the username or
password, to log in to the system as an administrator. Although
information about the vulnerability has been available for a few
months, since its open disclosure by ICS-CERT to member organizations,
multiple unpatched systems remain exposed to the Internet. Outpost24
waited for an airport we knew to be affected to patch before releasing.

The full write-up is available here:
http://www.outpost24.com/cve-2014-2717-attacking-the-honeywell-falcon-xlweb/
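As an added illustration of the vulnerability class described above (a missing access restriction that leaks stored credential material, plus a login function that accepts that material directly), the following Python is a constructed model of such a login and its hardened counterpart. It is not Honeywell Falcon code and makes no claim about how XLWeb actually stores or checks credentials; the user-store format, the unauthenticated export endpoint, the sample password and every function name are hypothetical.

```python
"""Constructed model of a pass-the-hash web login flaw and its fix.

Added illustration of the class described in the advisory (missing access
restriction + flawed login). NOT Honeywell Falcon code: the store format,
the export endpoint and all names here are hypothetical.
"""
import hashlib
import hmac
import secrets

PBKDF2_ROUNDS = 100_000


# --- Vulnerable design ------------------------------------------------------

def vuln_store(username: str, password: str) -> dict:
    """Hypothetical store: username -> unsalted SHA-256 hex of the password."""
    return {username: hashlib.sha256(password.encode()).hexdigest()}


def vuln_export(store: dict) -> dict:
    """Hypothetical config export reachable WITHOUT authentication.

    Modelled flaw 1 (missing access restriction): the stored verifier leaks
    to anyone who can reach the web server.
    """
    return dict(store)


def vuln_login(store: dict, username: str, client_value: str) -> bool:
    """Modelled flaw 2: the client is expected to hash the password itself
    and send the digest; the server only compares digests. Whoever holds the
    stored digest can send it unchanged, so the hash is itself a credential.
    """
    stored = store.get(username)
    return stored is not None and hmac.compare_digest(
        stored.encode(), client_value.encode()
    )


# --- Hardened design --------------------------------------------------------

def fixed_store(username: str, password: str) -> dict:
    """Store a salted, slow PBKDF2 verifier instead of a reusable digest."""
    salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return {username: {"salt": salt, "hash": digest}}


def fixed_export(store: dict, session_is_admin: bool) -> dict:
    """Export is only served to an authenticated administrative session."""
    if not session_is_admin:
        raise PermissionError("authentication required")
    return dict(store)


def fixed_login(store: dict, username: str, password: str) -> bool:
    """Treat whatever the client sends as a *password* and run it through the
    one-way salted derivation server-side. A leaked verifier no longer works:
    it gets hashed again and can never equal itself.
    """
    rec = store.get(username)
    if rec is None:
        # Burn the same work for unknown users to avoid a timing oracle.
        hashlib.pbkdf2_hmac("sha256", password.encode(), b"\0" * 16, PBKDF2_ROUNDS)
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), rec["salt"], PBKDF2_ROUNDS)
    return hmac.compare_digest(candidate, rec["hash"])


def demo(password: str = "constructed-sample-password") -> dict:
    """The attacker never learns `password`; they only get what leaks."""
    results = {}

    vstore = vuln_store("admin", password)
    leaked_hash = vuln_export(vstore)["admin"]            # flaw 1: no auth
    results["vuln_pass_the_hash"] = vuln_login(vstore, "admin", leaked_hash)

    fstore = fixed_store("admin", password)
    try:
        fixed_export(fstore, session_is_admin=False)
        results["fixed_export_blocked"] = False
    except PermissionError:
        results["fixed_export_blocked"] = True
    # Even if the verifier leaked by some other route, replaying it fails:
    leaked_verifier = fstore["admin"]["hash"].hex()
    results["fixed_pass_the_hash"] = fixed_login(fstore, "admin", leaked_verifier)
    results["fixed_real_password"] = fixed_login(fstore, "admin", password)
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The point the model makes is that the two flaws are only dangerous together, but the fix has to address both: access control on anything that exposes the store, and a login check that is one-way from whatever the client submits, so that possession of the stored verifier is never equivalent to possession of the password.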

References:
https://ics-cert.us-cert.gov/advisories/ICSA-14-175-01
CVE-2014-2717


AFFECTED PRODUCTS
The following Honeywell FALCON XLWeb controller versions are affected:

* FALCON Linux 2.04.01 or older
* FALCON XLWebExe 2.02.11 or older.

IMPACT
An attacker may use these vulnerabilities to generate a valid login for
an administrative user in the Honeywell FALCON XLWeb controller,
obtaining full administrator access to the system.

The impact to individual organizations depends on many factors that are
unique to each organization. ICS-CERT recommends that organizations
evaluate the impact of this vulnerability based on their operational
environment, architecture and product implementation.

The affected products, FALCON XLWeb controllers, are web-based SCADA
systems. According to Honeywell, FALCON XLWeb controllers are deployed
across several industries including critical manufacturing, energy and
wastewater systems among others. According to Honeywell, the affected
controllers are used by customers primarily in Europe and the Middle East.

Outpost24 would like to thank Honeywell and ICS-CERT for their fast work
in resolving the problem. We also fully share the vendor's recommendation
that SCADA systems should not be Internet-facing in the first place. The
vendor has been a pleasure to work with and has taken every care to
resolve the issue in a timely manner.


Martin Jartelius
CSO
Outpost24
www.outpost24.com


