Friday, April 22, 2011

ICS-CERT Updates Alert on Agora SCADA+

Late yesterday or early today the DHS Industrial Control System Cyber Emergency Response Team (ICS-CERT) published updated version of it’s alert on the Agora SCADA+ Exploit Pack for Immunity’s CANVAS system. This coincides with the latest release of the Exploit Pack (ver 1.1).

ICS-CERT notes that there are apparently 5 ‘new’ exploits for known vulnerabilities and 2 apparent zero day vulnerabilities in the latest version of Agora SCADA+. The two new vulnerabilities are for the Beckhoff TwinCAT ENI Server and the Iconics GENESIS32 and GENESIS64 GenBroker.exe. It’s been a ‘bad’ month or so for exploits of the Genesis systems if this is truly 0-days. According to Joel Langill over at SCADAHacker this vulnerability has already been patched.

ICS-CERT has notified the affected vendors and contacted Glegg, the Russian research firm responsible for Agora. According to the alert “GLEG has declined to provide further details of the vulnerabilities” (page 1).

No comments:

 
/* Use this with templates/template-twocol.html */