This afternoon the DHS ICS-CERT published an advisory for dual improper input validation vulnerabilities in Schweitzer Engineering Laboratories’ (SEL) real-time automation controllers (RTAC). The vulnerabilities were reported by Adam Crain of Automatak and Chris Sistrunk in coordinated disclosures.
ICS-CERT reports that these vulnerabilities (one for serial connections and a separate one for IP-based connections; NOTE: links will not work for a day or two) could be remotely exploited by a moderately skilled attacker to execute a denial-of-service attack. SEL has developed a CD-ROM-based upgrade packet to mitigate the vulnerabilities. ICS-CERT reports that Crain and Sistrunk have validated the efficacy of the upgrades.
I tried to review the SEL information on these vulnerabilities, but it was not directly available on their web site. Instead, SEL allows people with corporate email accounts to sign up to receive distributed information on SEL security notices. Anyone owning any SEL control system equipment should sign up for this service.