On Friday (okay, it was dated Thursday, Tweeted Thursday, but it wasn’t posted on the public site until Friday) ICS-CERT published an advisory for a hard-coded credential vulnerability in two programmable gateways from TURCK. The vulnerability was reported by Ruben Santamarta of IOActive in a coordinated disclosure.
ICS-CERT reports that a relatively low-skilled attacker could remotely exploit this vulnerability to execute arbitrary code or shut down the system, or just about anything else someone with direct access to a PLC could do (okay, I added the last).
The advisory notes that TURCK has developed a firmware update that removes the FTP service, but it does not state that Santamarta or anyone else from IOActive has verified the efficacy of the update. Unfortunately, neither link provided in the advisory for downloading the firmware updates takes you any closer to the updates than a search page on the TURCK web site, and none of the typical search terms (BL20 Update, BL20 Firmware, BL 67 Update, BL 67 Firmware, or Firmware Update) work.
Oh well, I guess it wasn’t important anyway.