11 September 2019

Software vulnerabilities in EZ Touch Editor and EZ PLC Editor

Vulnerabilities have been identified in EZ Touch Editor (versions 2.1.0 and prior) and EZ PLC Editor (versions 1.8.41 and prior) software developed by EZAutomation. Exploitation of the vulnerabilities identified could lead to remote code execution.

Both products are industrial automation solutions:

  • EZ Touch Editor is a human-machine interface editor;
  • EZ PLC Editor is a programming tool for programmable logic controllers.

EZ Touch Editor is affected by a stack-based buffer overflow vulnerability (CVE-2019-13518). Exploiting the vulnerability could allow an attacker to execute arbitrary code in the context of the current process when the user opens a specially crafted EZP project file.

The vulnerability in EZ PLC Editor has to do with the ability to perform operations outside the memory buffer (CVE-2019-13522). Exploiting this vulnerability could also allow an attacker to execute arbitrary code. This requires the user to open a malicious EZC project file.

Both vulnerabilities were assigned a CVSS v.3 base score of 7.8. They were fixed in EZ Touch Editor version 2.2.0 and EZ PLC Editor version 1.9.0, respectively.

Source: ICS-CERT