Automated Logic WebCTRL Premium Server Port Binding Vulnerability Allowing Service Impersonation

Vulnerability

A vulnerability exists in Automated Logic WebCTRL Premium Server that allows an attacker to bind to the same port used by the WebCTRL service. This could enable the attacker to craft and send malicious packets, impersonating the WebCTRL service without injecting code into the software. The vulnerability arises from cleartext transmission of sensitive information, which can be intercepted and modified by an attacker.
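
A host-side check for the condition described above, a second process listening on the port the service uses. This is an added example, not code from the advisory or from Automated Logic; it assumes a Linux host where `ss -H -lntup` is run as root, and port 9999 and the process name `webctrl-svc` are placeholders.

```python
import re
from collections import defaultdict

# Constructed sample in the format of `ss -H -lntup` on Linux. Port 9999, the
# PIDs and the process names are placeholders, not values from the advisory.
SAMPLE_SS_OUTPUT = """\
tcp LISTEN 0 128 0.0.0.0:9999 0.0.0.0:* users:(("webctrl-svc",pid=1412,fd=88))
tcp LISTEN 0 128 0.0.0.0:9999 0.0.0.0:* users:(("python3",pid=7731,fd=3))
udp UNCONN 0 0 0.0.0.0:9999 0.0.0.0:* users:(("webctrl-svc",pid=1412,fd=90))
tcp LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=801,fd=4))
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=801,fd=3))
"""

OWNER_RE = re.compile(r'\("([^"]+)",pid=(\d+),fd=\d+\)')


def parse_listeners(ss_text):
    """Yield (proto, address, port, process, pid) for each socket owner."""
    for line in ss_text.splitlines():
        fields = line.split()
        if len(fields) < 7:
            continue  # no users:(...) column (not run as root) or malformed
        proto, local = fields[0], fields[4]
        address, _, port = local.rpartition(":")
        if not port.isdigit():
            continue
        for process, pid in OWNER_RE.findall(" ".join(fields[6:])):
            yield proto, address, int(port), process, int(pid)


def find_port_conflicts(ss_text, expected=None):
    """Return {(proto, port): [(address, process, pid), ...]} for ports bound by
    more than one distinct process name, or by a name other than the one given
    in `expected` ({(proto, port): process_name}). Names can be spoofed, so a
    hit is a lead to verify against the executable path, not proof."""
    expected = expected or {}
    by_port = defaultdict(set)
    for proto, address, port, process, pid in parse_listeners(ss_text):
        by_port[(proto, port)].add((address, process, pid))
    conflicts = {}
    for key, owners in by_port.items():
        names = {process for _, process, _ in owners}
        wanted = expected.get(key)
        if len(names) > 1 or (wanted is not None and names != {wanted}):
            conflicts[key] = sorted(owners)
    return conflicts


if __name__ == "__main__":
    for key, owners in find_port_conflicts(SAMPLE_SS_OUTPUT).items():
        print(key, owners)
```

Worker processes of one service that share a socket carry the same name and are not flagged; only a differing or unexpected owner is.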

Impact

Exploitation of this vulnerability could lead to unauthorized interception, modification, or impersonation of the WebCTRL service, potentially allowing attackers to manipulate communications or actions within the building automation system.

Remediation

For customers using supported versions of WebCTRL (WebCTRL 8.5 cumulative releases and later), Automated Logic provides secure configuration guidance, BACnet Secure Connect support, and best practices for network segmentation and access control. Additional information is available on the Automated Logic website. Users of WebCTRL 7, which is no longer supported, are advised to upgrade to the latest version.

Added: Mar 21, 2026, 12:32 AM
Updated: Mar 21, 2026, 12:32 AM

Vulnerability Rating

Custom Algorithm
spread: 0.8
impact: 5.0
exploitability: 3.8
remediation: 7.9
relevance: 4.5
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.