security vulnerability of Rapid SCADA

    #14016
    grhsc
    Participant

    Dear Developer,

    I saw the information about the Rapid SCADA security vulnerability,

    https://www.cncso.com/en/multiple-high-risk-security-vulnerabilities-in-rapid-scada.html

    This article specifically mentions – Rapid SCADA developers have been notified of the vulnerability in July 2023, but no patch has been released as of this date.

    I saw from cisa’s report that this is a vulnerability for version 5.8.4 and prior, so I don’t think the description above is accurate, is it?

    https://www.cisa.gov/news-events/ics-advisories/icsa-24-011-03

    Does it still have these potential issues with the V6?
    Your clarification will help give me and all Rapid SCADA fans confidence, thanks in advance!

    #14021
    Mikhail
    Moderator

    Hello,
    We also checked those CISA reports some time ago. The above links do not contain steps to reproduce the issues, therefore I can answer in general.

    In v6 the following security improvements were made:
    1. Encrypt passwords in configuration files.
    2. Store only password hash for user passwords.
    3. Encrypt sensitive information in TCP application protocol.
    4. Brute force protection.
    5. The web app can redirect only to a local page on user login.
    6. Use more secure default installation directory on Windows.
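    The following is an added illustration of three of the points above (storing only a salted password hash, brute-force lockout, and accepting only a local page as the post-login redirect). It is example code written for this thread, not Rapid SCADA's own implementation; the iteration count, lockout thresholds and user store are constructed values.

```python
import hashlib
import hmac
import os
import time
from typing import Dict, Optional, Tuple
from urllib.parse import urlsplit

# Constructed settings for the illustration (not Rapid SCADA's real values).
PBKDF2_ITERATIONS = 200_000   # illustrative floor; raise for production hardware
MAX_FAILED_ATTEMPTS = 5       # failures before the account is temporarily locked
LOCKOUT_SECONDS = 300


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Return a self-describing PBKDF2-SHA256 record; the plaintext is never stored."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return f"pbkdf2_sha256${PBKDF2_ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute the hash with the stored salt/iterations and compare in constant time."""
    algo, iterations, salt_hex, digest_hex = stored.split("$")
    if algo != "pbkdf2_sha256":
        return False
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iterations)
    )
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))


# Dummy record used for unknown users so that lookup timing does not reveal valid names.
_DUMMY_HASH = hash_password("unused-placeholder")


def is_local_url(url: str) -> bool:
    """True only for a path on this site: single leading '/', no scheme, no host.

    '//host' and '/\\host' are rejected because browsers treat both as network paths.
    """
    if not url or not url.startswith("/") or url.startswith("//") or url.startswith("/\\"):
        return False
    parts = urlsplit(url)
    return parts.scheme == "" and parts.netloc == ""


def safe_return_url(requested: Optional[str], default: str = "/") -> str:
    """Pick the post-login redirect: the requested page if local, else the default."""
    return requested if requested and is_local_url(requested) else default


class LoginGuard:
    """Password check plus a simple per-user failure counter with timed lockout."""

    def __init__(self, users: Dict[str, str]) -> None:
        self.users = users                      # username -> hash record
        self.failures: Dict[str, Tuple[int, float]] = {}  # username -> (count, locked_until)

    def attempt(self, username: str, password: str, now: Optional[float] = None) -> str:
        now = time.time() if now is None else now
        count, locked_until = self.failures.get(username, (0, 0.0))
        if now < locked_until:
            return "locked"
        stored = self.users.get(username, _DUMMY_HASH)
        ok = verify_password(password, stored) and username in self.users
        if ok:
            self.failures.pop(username, None)
            return "ok"
        count += 1
        locked_until = now + LOCKOUT_SECONDS if count >= MAX_FAILED_ATTEMPTS else 0.0
        self.failures[username] = (count, locked_until)
        return "locked" if locked_until else "denied"


if __name__ == "__main__":
    guard = LoginGuard({"operator": hash_password("example-pass")})
    print(guard.attempt("operator", "wrong"))          # denied
    print(guard.attempt("operator", "example-pass"))   # ok
    print(safe_return_url("http://attacker.example/"))  # /
```

The redirect check is deliberately stricter than "starts with a slash": protocol-relative forms such as `//host` and backslash variants are the usual way an open redirect slips past a naive prefix test.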

    #14022
    Mikhail
    Moderator

    What you should do to protect the system:
    1. Follow the safety recommendations.

    2. Restrict access to your project. It’s recommended to store the project in Git in a private repository. It helps to control any changes made in the project.
    If an attacker changed your project, he could access the server’s filesystem by read and write operations from the scripts. Also he could add hyperlinks to external resources on the schemes.

    3. Restrict access to the production server. It’s obvious.
    Use firewall.

    4. If Rapid SCADA is hosted in the cloud, enable captcha and use Guard Plugin for additional security.

    5. Use strong passwords in production environment. Change all default passwords.

    6. Run Rapid SCADA services with lower privileges instead of system (root) user.

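    As a complement to point 2 (tracking changes to the project so that an unexpected edit, such as a new script or an added external hyperlink, is noticed), here is an added example of a file-integrity manifest over a project directory. It is illustration code written for this thread, not a Rapid SCADA tool; it assumes only that the project is a tree of ordinary files, and the sample files in the test are constructed.

```python
import hashlib
import json
import re
from pathlib import Path
from typing import Dict, List

# Directories that are not part of the deployed project content (constructed choice).
SKIP_PREFIXES = (".git/",)

# Matches absolute http(s) references; used to surface external links in changed files.
_LINK_RE = re.compile(r"https?://[^\s\"'<>]+")


def build_manifest(root) -> Dict[str, str]:
    """Map each file (relative POSIX path) under root to its SHA-256 hex digest."""
    root = Path(root)
    manifest: Dict[str, str] = {}
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        rel = path.relative_to(root).as_posix()
        if rel.startswith(SKIP_PREFIXES):
            continue
        manifest[rel] = hashlib.sha256(path.read_bytes()).hexdigest()
    return manifest


def diff_manifest(baseline: Dict[str, str], current: Dict[str, str]) -> Dict[str, List[str]]:
    """Report files that appeared, disappeared or changed since the baseline."""
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "modified": sorted(p for p in baseline.keys() & current.keys()
                           if baseline[p] != current[p]),
    }


def external_links(text: str) -> List[str]:
    """List http(s) URLs found in a file's text, in order of first appearance."""
    seen: List[str] = []
    for match in _LINK_RE.findall(text):
        if match not in seen:
            seen.append(match)
    return seen


def save_manifest(manifest: Dict[str, str], path) -> None:
    Path(path).write_text(json.dumps(manifest, indent=2, sort_keys=True), encoding="utf-8")


def load_manifest(path) -> Dict[str, str]:
    return json.loads(Path(path).read_text(encoding="utf-8"))


def check_project(root, baseline_path) -> Dict[str, List[str]]:
    """Compare the project on disk against a saved baseline and return the differences.

    Callers would typically treat any non-empty list as a reason to review the change.
    """
    baseline = load_manifest(baseline_path)
    return diff_manifest(baseline, build_manifest(root))


if __name__ == "__main__":
    import sys
    project_dir, baseline_file = sys.argv[1], sys.argv[2]  # e.g. ./MyProject baseline.json
    if not Path(baseline_file).exists():
        save_manifest(build_manifest(project_dir), baseline_file)
        print("baseline written")
    else:
        print(json.dumps(check_project(project_dir, baseline_file), indent=2))
```

A baseline produced right after the project is deployed from the private repository gives an independent reference point: if the diff is non-empty on a host that should not have been edited, the change came from somewhere other than the repository and deserves a look, including a glance at any external links the changed files now carry.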
    #14023
    Mikhail
    Moderator

    Note that you can find similar security reports for any well-known SCADA software. Since Rapid SCADA is open source, its internal structure has been tested by many professional developers and we respond to their feedback.

    There are many Rapid SCADA instances available on the Internet that work reliably for many years.

    #14044
    grhsc
    Participant

    Thanks for the clarification and security guidance!

    #14051
    Mikhail
    Moderator

    Ready to discuss specific security-related issues together.
