Developers: | Arudit Security |
Last Release Date: | 2022/11/02 |
Branches: | Financial Services, Investments and Auditing |
Technology: | Information Security - Fraud Detection System (Fraud), Information Security Information and Event Management (SIEM) |
Content |
2022: Release of version 6.0.2
In 2022, SoftControl 6.0.2 was released.
2021: Release of version 6.0.1
In 2021, SoftControl 6.0.1 was released.
2020: Release of versions 5.0 and 5.1
In 2020, the following versions were released:
- SoftControl 5.0
- SoftControl 5.1
2019: Release of versions 4.4 and 4.6
In 2019, the following versions were released:
- SoftControl 4.4
- SoftControl 4.6
2018: Addressing Safety Flaws
On August 23, 2018, the company Positive Technologies announced that SafenSoft it had eliminated the shortcomings safety discovered by Positive Technologies expert Artem Ivachev in SoftControl (,, SysWatch TPSecure Enterprise Suite) solutions that protect ATMs, self-service devices servers , and workstations.
According to our observations, 9 out of 10 ATMs have outdated and vulnerable versions of Windows (XP or 7 ), for which many public exploits have been created. Therefore, control over allowed applications is extremely important, and ways to bypass the software whitelist pose a great danger. To run illegitimate software, an attacker can use the disadvantages of protecting the ATM service area and accessing USB or CD-ROM. Then, with the help of suitable malware, an attacker can gain administrator rights on the ATM computer and download specialized software such as Alice, GreenDispenser, Padpin (Tyupkin), Ripper, which allows you to steal cash. 'Artem Ivachev, Positive Technologies Security Analysis Department '
|
Three vulnerabilities allow you to bypass the list of authorized applications. Thus, the CVE-2018-13014 error makes it possible to get a password that limits access to configuration settings. As a result, an attacker can freely change the configuration settings of SoftControl products, for example, completely disable protection on the local computer.
The second vulnerability, CVE-2018-13013, is related to incorrect validation of the msiexec.exe launch. A local attacker can create a configuration in which the SysWatch component does not check the signatures of installation files with the.msi extension, run an arbitrary MSI file, and execute unauthorized code.
The third vulnerability (CVE-2018-13012) is caused by the peculiarities of the SoftControl product update process. Updates to each version have a lastversion42.xml configuration file and a set of update files. Due to an error checking the integrity of the lastversion42.xml file, an attacker can perform a man-in-the-middle attack and replace the update files. To exploit the vulnerability, an attacker needs access to SysWatch settings, which could give a CVE-2018-13014 password disclosure vulnerability.
To eliminate the vulnerability, CVE-2018-13014 need to update the used SoftControl products to version 4.3.17 or higher. You should also update all SysWatch clients to switch the Service Center component to a different password management mode (if SysWatch clients are managed using the Service Center component). Vulnerabilities CVE-2018-13013 and CVE-2018-13012 have been fixed in SoftControl products versions 4.4.12 and higher.
author '= Alexander Zatsepin, Technical Director of Trekshen Technologies LLC Identification and timely elimination of vulnerabilities is an important element of the software life cycle. Cooperation with experts in the field of software security analysis allows you to achieve qualitatively better results. |
2017
Release of versions 4.1-4.3
In 2017, versions were released:
- SoftControl 4.1
- SoftControl 4.2
- SoftControl 4.3
Launch of the product line in the Russian market
Trekshen Technologies and Safe 'n' Sec Corporation announced in early 2017 the launch on the Russian market of the SoftControl line of products developed to ensure the integrity of the software environment of endpoints of banks and financial institutions. The solution allows you to protect the information system from unauthorized actions of your own bank service personnel and intruders from outside.
SoftControl is a set of software components for deploying an information security system consisting of a server and clients for end devices: ATMs, servers and personal computers. Thanks to the comprehensive approach, SoftControl is able to replace several information security solutions, which significantly reduces implementation costs and completely neutralizes the risk of intersystem conflicts during operation. Another advantage of deploying a single system under SoftControl is the speed of adding new banking services while maintaining the necessary level of information security.
Also, the use of a comprehensive SoftControl solution allows you to bring the bank's information security system into compliance with the requirements of the regulator (PCI DSS and the Central Bank of the Russian Federation).
2016: SoftControl 4.0 Exit
In 2016, SoftControl 4.0 was released.