Last week the DHS Industrial Control System Cyber
Emergency Response Team (ICS-CERT) published
a limited information alert about an overwrite vulnerability in the
structured exception handler for the Sunway Force Control SCADA system. Yesterday
they published an
updated version of that alert that provides more information on the
vulnerability. Probably the most important item of information is that the
alert is based upon the public availability of exploit code for the
vulnerability.

Interestingly, ICS-CERT now thinks that the exploit is “likely
targeting a previously disclosed and patched vulnerability”. There are patches
and mitigation measures available for that vulnerability, so this alert
recommends that they be implemented (should have already been implemented?) as
a preliminary response to this exploit. More information, including perhaps a
confirmation of this being the same vulnerability, will follow.

I briefly wrote
about the earlier advisory back in June and noted that the newsworthy
aspect of that advisory was that the vulnerability had been reported by Dillon
Beresford of Siemens vulnerability notoriety. ICS-CERT is careful to note in this
advisory that it is someone else (currently unidentified) who published the
exploit code, not Dillon.