Italian security researcher recently revealed details of several vulnerabilities in the system supervisory control and data acquisition (SCADA) from multiple vendors.
Luigi Auriemma has released details and proof of concept code for 6 vulnerabilities affecting popular SCADA systems.
Most of the vulnerabilities allow remote code execution, many of them are easy to use,” – says Luigi Auriemma. “At least three vendors have released patches, and Rockwell Automation is working on it right now.”
The affected products are:
- Beckhoff TwinCAT ‘TCATSysSrv.exe’ Network Packet Denial of Service Vulnerability
- Rockwell RSLogix Overflow Vulnerability
- Measuresoft ScadaPro Multiple Vulnerabilities
- Cogent DataHub Multiple Vulnerabilities
- AzeoTech DAQFacstory Stack Overflow
- Progea Movicon Multiple Vulnerabilities