ADVISORIES | July 13, 2012

Invensys Wonderware InTouch 10 DLL Hijack

ICS-CERT originally released Advisory ICSA-12-177-01P on the US-CERT Portal on July 05, 2012. Release of the web page was delayed to give the vendor enough time to contact customers about this information.

Independent researcher Carlos Mario Penagos Hollmann has identified an uncontrolled search path element vulnerability, commonly referred to as a DLL hijack, in the Invensys Wonderware InTouch application. Successfully exploiting this vulnerability could lead to arbitrary code execution.

ICS-CERT has coordinated the report with Invensys, which has produced an upgrade to address this vulnerability. Mr. Hollmann has validated that the upgrade resolves the reported vulnerability.

See the ICS-CERT advisory: