Full Report
Missing Authentication in Emerson OpenEnterprise SCADA versions before 3.3.4 might lead to arbitrary code execution. The affected components may allow an attacker to run arbitrary commands with system privileges or perform remote code execution via a specific communication service.
Analysis Summary
# Vulnerability: Missing Authentication Leading to RCE in Emerson OpenEnterprise SCADA
## CVE Details
- CVE ID: CVE-2020-10640
- CVSS Score: 9.8 (CRITICAL) (Calculated from base metrics AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
- CWE: Missing Authentication (Implied by description)
## Affected Systems
- Products: Emerson OpenEnterprise SCADA
- Versions: before 3.3.4
- Configurations: N/A (Affects components via a specific communication service)
## Vulnerability Description
The vulnerability is a Missing Authentication flaw within certain communication services of Emerson OpenEnterprise SCADA. This flaw allows an unauthenticated remote attacker to execute arbitrary commands with system privileges, potentially leading to Remote Code Execution (RCE).
## Exploitation
- Status: PoC available (Stated as "Existence of exploit PoC")
- Complexity: Low (AV:N/AC:L/PR:N/UI:N)
- Attack Vector: Network
## Impact
- Confidentiality: High
- Integrity: High
- Availability: High
## Remediation
### Patches
- Upgrade all OpenEnterprise installations to **OpenEnterprise 3.3.5** (OpenEnterprise 3.3 Service Pack 5).
### Workarounds
- No specific workarounds are detailed other than immediate patching; mitigation relies heavily on upgrading.
## Detection
- Indicators of compromise would include unexpected system command execution or process spawning from the affected communication service.
- Detection methods should focus on monitoring network traffic to the vulnerable service for malformed or unauthenticated requests that attempt command injection.
## References
- Vendor Advisories: Vendor released patch in May 2020.
- Relevant Links:
  - KLCERT Advisory: ics-cert.kaspersky.com/advisories/alerts/2020/05/20/klcert-20-012-missing-authentication-in-emerson-openenterprise-scada-before-3-3-4/