Multiple vulnerabilities have been reported in DeltaV products, which can be exploited by malicious people to conduct cross-site scripting attacks, SQL injection attacks, cause a DoS (Denial of Service), and compromise a vulnerable system.

1) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

2) Certain unspecified input is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

3) An error within PORTSERV.exe can be exploited to cause a crash via a specially crafted packet sent to TCP or UDP port 111.

4) An error within the processing of certain fields in project files can be exploited to cause a buffer overflow via a specially crafted project file.

5) An insecure method within an ActiveX control can be exploited to overwrite arbitrary files.

Successful exploitation of vulnerabilities #4 and #5 may allow execution of arbitrary code.

The vulnerabilities are reported in the following applications:
* DeltaV and DeltaV Workstations versions 9.3.1, 10.3.1, 11.3, and 11.3.1
* DeltaV ProEssentials Scientific Graph version 5.0.0.6

Solution
Apply hotfix (please contact the vendor for more information).

Provided and/or discovered by
ICS-CERT credits Kuang-Chun Hung, Security Research and Service Institute.

Changelog
Further details available to Secunia VIM customers

Original Advisory
ICS-CERT:
http://www.us-cert.gov/control_systems/pdf/ICSA-12-138-01.pdf

Deep Links
Links available to Secunia VIM customers