This afternoon the DHS ICS-CERT published an alert and an advisory for separate control system vulnerabilities. The alert was for a product from SDG Technologies. The advisory was for a product from 3S Smart Software Solutions.
3S Smart Software Solutions Advisory
This advisory describes a NULL pointer dereference vulnerability in the CODESYS Runtime Tool Kit. The vulnerability was reported by Nicholas Miles of Tenable Network Security. 3S has produced a new version which mitigates the vulnerability, but there is no indication that Miles was provided the opportunity to verify the efficacy of the fix.
ICS-CERT reports that a relatively unskilled attacker could remotely exploit this vulnerability to execute a denial of service attack.
SDG Technologies Alert
This alert describes a reported cross-site scripting vulnerability in the SDG Technologies Plug and Play SCADA that is apparently used in remote metering applications. ICS-CERT is reporting that this vulnerability has been publicly disclosed with exploit code, but has not provided the name of the researcher or the venue where the exploit was reported.
ICS-CERT reports that it has not yet been able to contact SDG Technologies to verify the existence of the vulnerability or determine what actions SDG Technologies is taking with respect to the reported vulnerability.