There were two interesting public (uncoordinated?) disclosures of control system vulnerabilities this week over at the Full Disclosure mailing list. Both were from Karn Ganeshen.
The first describes multiple vulnerabilities in the Powerlogic/Schneider Electric IONXXXX series Smart Meters. The reported vulnerabilities include:
• No access control;
• Vulnerable to Cross-Site Request Forgery; and
• Weak Credential Management
The second describes multiple vulnerabilities in the ELNet Energy & Electrical Power Meter. The reported vulnerabilities include:
• Unauthenticated Web Management access;
• Weak Credential Management; and
• Password Recovery Functionality
Both disclosures were late in the week. We may (hopefully) see ICS-CERT alerts on these next week.