In association with heise online

19 September 2011, 15:18

More vulnerabilities found in SCADA systems

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Industrial icon

Italian security specialist Luigi Auriemma, who in March this year exposed 35 vulnerabilities in SCADA (Supervisory Control And Data Acquisition) products from Siemens and others, has now released another set of 13 vulnerabilities, together with exploit code as proof-of-concept, affecting eight different SCADA products. His findings have prompted the release of security advisories from the US Department of Homeland Security's ICS-CERT.

The new advisories cover: Beckhoff TwinCAT, Rockwell RSLogix 19, Measuresoft ScadaPro 4.0.0, Cogent DataHub and Azeotech DAQFactory 5.85. Auriemma also finds vulnerabilities in Progea Movicon 11.2.1085 and Carel PlantVisor 2.4.4. Some of his advisories point to possible Denial-of-Service (DoS) or remote code execution as possible dangers. The programs listed are used in a variety of industries, including various utilities, manufacturing systems and by financial institutions.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit