Symantec pcAnywhere Exposes 200,000 Systems To Attack

As many as 200,000 corporate systems could be commandeered by cyber-criminals as a result of recently discovered vulnerabilities in Symantec's pcAnywhere software for PC-to-PC remote control, a security vendor says.

Of the Internet-connected systems vulnerable to attack, as many as 5,000, or 2.5 percent, were electronic cash registers or other point-of-sales systems that process credit cards and are integrated with back-end systems, Boston-based Rapid7 said Wednesday. Most of the exposed systems found by Rapid7 were in the United States, China and Canada.

"The pcAnywhere vulnerabilities could therefore lead to a large wave of credit card breaches," the company said in an e-mailed statement.

Symantec was not immediately available for comment. The company last month advised customers to disable pcAnywhere until it could issue an update to patch vulnerabilities discovered after the software's underlying code was stolen by hacker collective Anonymous. The flaws affected the latest and older versions of the software.

Rapid7 found that systems running pcAnywhere could be "remote controlled, including screen, mouse and keyboard access, without knowledge of the owner." The product is mostly used on corporate systems, such as desktops, notebooks, servers and POS systems. Sensitive data that were at risk included social security numbers, banking information, credit card numbers, medical records, personal data and government information, the company said.

Meanwhile, a security researcher posted on the Web code that could be used to remotely crash pcAnywhere. Johnathan Norman, director of security research at Houston-based Alert Logic. Norman said Friday in his blog that he discovered the new flaw while studying the reported vulnerabilities.