X-twitter Linkedin-in Facebook-f Youtube

Remote code execution in InduSoft Web Studio

Enterprises running InduSoft Web Studio should update their software and ensure these critical systems are not exposed to the internet.
Tenable Research has discovered an unauthenticated remote code execution (RCE) vulnerability in InduSoft Web Studio 8.1.2.0. ICS-CERT has assigned CVE-2019-6545 and CVE-2019-6543 for this vulnerability.
Background
InduSoft Web Studio is an automation tool for human-machine interface (HMI) and supervisory control and data acquisition (SCADA) systems. According to its website, Web Studio is used in manufacturing, oil and gas, municipal water and correctional facilities and even by a drag racer.
By exploiting this vulnerability, an attacker can run commands on the targeted system by directing it to fetch a malicious database configuration file (DB.xdc) from an attacker-controlled server.
Analysis
The vulnerability is a result of Web Studio’s built-in language being made available to unauthenticated remote attackers. The built-in language allows users to execute operating system level commands. An attacker can execute the built-in language by sending a properly crafted DBProcessCall message (command 66). Using DBProcessCall, the attacker can direct Web Studio to load a database configuration file from a remote server. The configuration file can contain malicious built-in language commands which Web Studio will then execute.
Command 66 only requires permission 0 to run, meaning it doesn’t require authentication and/or authorization. The attack would work even if Security is enabled, a Main password is set and the Guest account is deleted.
Proof of concept
Proof of concept (PoC) code has been uploaded to the Tenable Research GitHub and you can see a video PoC here.
Solution
Aveva has issued a security bulletin for this vulnerability, along with a software update. Enterprises running InduSoft Web Studio should update their software to InduSoft Web Studio v8.1 SP3 and ensure these critical systems are not exposed to the internet.
www.tenable.com/research

About Security Buyer

Security Buyer is the leading authority in global security content, delivering expert news, in-depth articles, exclusive interviews, and industry insights across print, digital, and event platforms. Published 10 times a year, the magazine is a trusted resource for professionals seeking updates and analysis on the latest developments in the security sector.

To submit an article, or for sponsorship opportunities, please contact our team below.

Rebecca Spayne picture 2025

Rebecca Spayne

Managing
EDITOR

Phone-volume Envelope
Georgina Turner image

Georgina Turner

Sales
Manager

Phone-volume Envelope
Afua Akoto image - Security Buyer

Afua Akoto

Marketing Manager

Phone-volume Envelope

Read the Latest Issue

Follow us on X

Follow us on X

Click Here

Follow us on LinkedIn

Follow us on LinkedIn

Click Here

Advertise here

Reach decision makers and amplify your marketing

Advertise here

Click Here

Related News

Product Spotlight - HID

Product Spotlight – HID

, , ,
Access control is evolving into a smart, responsive platform—integrating embedded apps, IoT, and cybersecurity to deliver…
Read More
Genetec

Genetec brings new capabilities to Security Center SaaS

, , ,
Genetec announced new updates to Security Center SaaS, the company’s enterprise-grade Security-as-a-Service (SaaS) solution..
Read More
I-Pro

i-PRO Launches Revamped EMEA Partner Program

, , , ,
i-PRO announced a major expansion of its EMEA Partner Program. The move supports i-PRO’s long-term growth strategy and…
Read More
ASIs international

ASIS International Introduces New ANSI-Approved Investigations Standard

, , , ,
ASIS International, a leading authority in security standards, is excited to announce the release of its revised American National Standards.
Read More
Gallagher Security and Yusuf Bin Ahmed Kanoo Company Limited sign MOU in Riyadh

Gallagher Security MOU with Yusuf Bin Ahmed Kanoo Company

, , , ,
Gallagher Security is proud to announce the signing of a Memorandum of Understanding (MOU) with Yusuf Bin Ahmed Kanoo Company…
Read More
Mike Hurst - Security Buyer

Zygal appoints Mike Hurst CPP CPOI

, ,
Zygal, which produces cutting edge AI cloud VMS and monitoring solutions for connecting, managing, and monitoring assets…
Read More
Secure Logiq

Secure Logiq expands into APAC

, ,
Secure Logiq is heading into the Asia-Pacific region with big plans and a clear focus on Australia and New Zealand. Helping to steer…
Read More
Sophos

Sophos Enhances Protection and Incident Response

, , , ,
Sophos announces an update to its Sophos Firewall, now including Sophos NDR Essential, which is free for all customers with an…
Read More
Dallmeier

Tenerife Airport relies on video technology

, , , , ,
Tenerife Norte-Ciudad de La Laguna Airporthas significantly improved its safety by installing state-of-the-art video technology..
Read More
ICT

ICT announces Stewart Meyer as Chief Marketing Officer

, , , ,
Integrated Control Technology (ICT®), a leading provider of intelligent access control, intrusion detection, building automation and…
Read More

News Desk

View all the latest, product, project and people news

News Desk

Click Here

Technology News

Keep up-to-date with the latest product innovation

Technology News

Click Here

Industry Sectors

Discover technology in action in all applications

Industry Sectors

Click Here

Enter The Awards

Showcase personal or organisation excellence

Awards

Click Here

Advertise With Us

Reach decision makers and amplify your marketing

Advertise With Us

Click Here

Create an account or login

Create your free account today and get instant access to exclusive industry insights, expert analysis, and breaking security news.

login
Create an account

© Hand Media International LTD 2025. All rights reserved.

Scroll to Top