ICS-CERT Updates Honeywell Advisory as Promised

Today the DHS ICS-CERT published an update of their advisory for the Honeywell Enterprise Buildings Integrator (EBI). As was mentioned in an earlier blog posting on the original advisory, Rapid7 had notified Honeywell and ICS-CERT that they would be releasing a Metasploit module for this vulnerability. This update announces that the Metasploit module has been released. The original vulnerability was reported by Juan Vazquez of Rapid7.