Wednesday, January 16, 2013

ICS-CERT Publishes First 2013 S4 Alert

This afternoon the DHS ICS-CERT published the first alert for a vulnerability reported at the Digital Bond SCADA Security Scientific Symposium (S4) conference; one that Dale hasn’t mentioned in his tweets yet (hashtag #S4x2013). The alert covers multiple vulnerabilities reported by Arthur Gervais in some products from Schneider Electric.

The four remotely exploitable vulnerabilities are listed below:

• BMX NOE 0110 – Unauthenticated SOAP/HTTP Interface – Remote code execution

• Modicon M340 – TCP connection resource exhaustion – Denial of Service

• Magelis XBT – HMI 6001/TCP hard-coded credential – Loss of integrity

• Modicon M340 – Cross site request forgery – Unauthorized access

BTW: There was a Tweet® from Reid Wightman about an older Schneider vulnerability - "1825-day vuln in WinCC reminded me to check @digitalbond Schneider clock: 2224 days with a publicly-disclosed FTP backdoor."
