ReVuln claims 0day vulnerabilities for SCADA systems
In a video, vulnerability merchants ReVuln are advertising a 0day vulnerability for industrial SCADA systems by companies including General Electric, Rockwell Automation, Schneider Electric and Siemens among others. The company does not, however, go into details which actual products are affected.
According to ReVuln, the vulnerabilities allow remote code execution, remote shells access and session hijacking on the PCs that form the foundation of the SCADA installations. If the claim is correct, attackers would have the ability to completely take over these systems since many of the control computers are inadvertently accessible over the internet due to their configurations. So far, ReVuln's claims have not been backed by independent security experts.
Since ReVuln only supplies details of its vulnerabilities to paying customers – a business model that is seen as controversial in the security industry – the manufacturers of the SCADA systems can not rely on the company reporting the vulnerabilities in question. ReVuln usually only publishes vulnerabilities when they have been patched by the manufacturer or have been disclosed by another source.
One of the founders of ReVuln is Luigi Auriemma, who made a name for himself by disclosing vulnerabilities to the Zero Day Initiative (ZDI) before he started his own company. He is also known for having disclosed several SCADA-related vulnerabilities on the Bugtraq mailing list in the past.