CNVD-2018-19569 Scanner

CNVD-2018-19569 Scanner - Information Disclosure vulnerability in CirCarLife SCADA

Short Info

Level: Medium
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 1 month 3 days
Scan only one: Domain, Subdomain, IPv4
Toolbox: -

CirCarLife SCADA is a parking lot automation management system developed by Circontrol, a Spanish company. It is designed for efficient management and operation of parking facilities, often utilized in environments with high traffic like shopping centers, airports, and business complexes. The system facilitates real-time monitoring and control of parking resources, ensuring optimal use and management of available spaces. It is employed by facility managers to enhance user experience through effective automation and scheduling capabilities. The solution provides a centralized interface for control and reporting, integrated with various devices and charging stations. As a comprehensive management tool, CirCarLife SCADA supports various protocols and hardware, enabling seamless digital management of parking infrastructure.

The vulnerability identified in CirCarLife SCADA is an information disclosure through the devstat.html file. It arises because no authentication is required to access sensitive status data of the PLCs (Programmable Logic Controllers) used within charging stations. Attackers can exploit this flaw to retrieve information without authorization, which can lead to further security breaches or exploitation. If left unaddressed, this vulnerability allows access to data that should be restricted to authorized personnel only. Because of the disclosed data's potential sensitivity, this vulnerability represents a significant threat to the integrity and confidentiality of the system. Consequently, it necessitates prompt mitigation to safeguard the infrastructure and associated data assets.

The technical details of the vulnerability involve unprotected access to the /html/devstat.html endpoint of the CirCarLife SCADA system. This endpoint does not enforce user authentication, allowing any visitor to view its content, which includes status information of connected PLCs. The HTML page titled "CCL1 devices status" is reachable without any credential checks. Because of this, anyone with network access can retrieve operational status data directly from the SCADA system. This exposure could indirectly assist malicious actors in crafting more specific and damaging attacks on the system. Proactive measures, including access restrictions and data encryption, are recommended to address this issue.
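One way for an asset owner to confirm that the access restriction is in place on their own installation, as an added example (not the scanner's own code). The function names, verdict strings and sample responses are assumptions constructed for illustration; only the path and page title come from the description above.

```python
import re
import urllib.error
import urllib.request

DEVSTAT_PATH = "/html/devstat.html"    # endpoint named on this page
TITLE_MARKER = "ccl1 devices status"   # page title named on this page, lowercased

def classify(status, body):
    """Classify one unauthenticated HTTP response for DEVSTAT_PATH."""
    if status in (401, 403):
        return "protected"       # authentication or an ACL is enforced
    if 300 <= status < 400:
        return "redirected"      # e.g. sent to a login page; review by hand
    title = re.search(r"<title[^>]*>(.*?)</title>", body, re.I | re.S)
    if status == 200 and title and TITLE_MARKER in title.group(1).lower():
        return "exposed"         # status page served without credentials
    return "not-detected"

class _NoRedirect(urllib.request.HTTPRedirectHandler):
    def redirect_request(self, *args, **kwargs):
        return None              # surface 3xx as HTTPError instead of following

def check_own_host(base_url, timeout=5.0):
    """Request the page from a host you operate, sending no credentials."""
    opener = urllib.request.build_opener(_NoRedirect)
    url = base_url.rstrip("/") + DEVSTAT_PATH
    try:
        with opener.open(url, timeout=timeout) as resp:
            body = resp.read(65536).decode("utf-8", "replace")
            return classify(resp.status, body)
    except urllib.error.HTTPError as err:
        return classify(err.code, "")
    except OSError:
        return "unreachable"

# Constructed sample responses (not captured from a real device).
SAMPLES = {
    "open": (200, "<html><head><title>CCL1 devices status</title></head></html>"),
    "basic-auth": (401, ""),
    "login-redirect": (302, ""),
    "other-page": (200, "<html><head><title>Welcome</title></head></html>"),
    "missing": (404, "Not Found"),
}

def classify_samples():
    return {name: classify(*resp) for name, resp in SAMPLES.items()}

if __name__ == "__main__":
    for name, verdict in classify_samples().items():
        print(f"{name:15} {verdict}")
```

After restricting access, `check_own_host` run from outside the management network should return `protected`, `redirected` or `unreachable`, never `exposed`.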

If exploited, the identified vulnerability could lead to significant impacts on the affected systems. Unauthorized disclosure of PLC statuses can aid attackers in mapping the infrastructure and identifying additional vulnerabilities tied to outdated firmware or unsecured configurations. Access to such sensitive information may allow attackers to plan targeted attacks on critical components within the charging stations, potentially leading to operational disruptions or even unauthorized control. This type of information misuse can result in financial and reputational damage to the operating entity, due to possible service interruptions and data breaches.
