It has come to my attention that ICS-CERT has released an interesting advisory on the US-CERT Secure Portal. The advisory reportedly deals with an industrial control system and it currently looks like the vendor is not intending to fix the vulnerability. I have not seen the advisory as I don’t have access to the Secure Portal (I was offered, but declined so I could report on things like this), but it seems odd that this vendor is not cooperating with ICS-CERT.
Experts compete to find Ukraine grid hack 'smoking gun'
10 months ago