This morning the DHS Industrial Control System Cyber Emergency Response Team (ICS-CERT) updated their vulnerability advisory on ClearSCADA Software. I described the earlier advisory in an earlier blog. There are no new vulnerabilities disclosed in this update. Interestingly ICS-CERT has expanded the systems affected to include SCX (from Serck UK or Serck Aus) software because Serck bundles ClearSCADA in their product.
Owners of SCX Version 67 R4.5 or SCX Version 68 R3.9 (or older versions) need to update their software. No web site for the needed download exists. Owners need to directly contact the nearest Serck office to obtain the appropriate downloads. The nearest office can be found via: http://www.serck-controls.com/global.html.