Rapid SCADA Users Beware – Update Now to Patch Critical Remote Code Execution Flaw

CVECVE-2024-21852
CVSScvssV3_1: 8.8
SourceCVE-2024-21852

Rapid SCADA, a popular SCADA software used for industrial control systems, has a serious vulnerability that could allow remote attackers to take control of affected systems.

The vulnerability, tracked as CVE-2024-21852 with a CVSS score of 8.8, is due to a Zip Slip issue in Rapid SCADA versions prior to 5.8.4. Zip Slip occurs when a zip archive is extracted without proper validation of file paths, allowing a malicious file to “slip” into a directory that was not the intended destination.

An attacker could exploit this by supplying a malicious configuration file that, during extraction, would execute a file located higher in the directory structure and thereby achieve remote code execution on the targeted Rapid SCADA system. This would give the attacker full control of the industrial control system.

Rapid SCADA users are urged to immediately update to version 5.8.4 or later to patch this vulnerability. Organizations should also consider additional security measures like network segmentation, monitoring for unusual activity, and restricting external access to minimize risks. Taking prompt action now helps protect industrial systems from potential disruption or compromise via this critical remote code execution flaw.

References