CISA (ICS)
12/14/2010
Overview The ICS-CERT has received a report from independent security researcher Jeremy Brown that reveals a stack-based buffer overflow vulnerability in the Ecava IntegraXor Human-Machine Interface (HMI) product that could allow the execution of arbitrary code. Ecava has verified the claim and has released a patch to mitigate the vulnerability …
CISA (ICS)
11/17/2010
Overview The ICS-CERT has received a report from independent security researcher Jeremy Brown that reveals a heap corruption vulnerability in the Automated Solutions Modbus/TCP Master OPC server. Automated Solutions has confirmed that their most recent patch mitigates the vulnerability for Version 3.0.0. ICS-CERT has verified that the software update resolves …
CISA (ICS)
11/10/2010
Overview --------- Begin Update A Part 1 of 2 ---------- On October 20, 2010, an independent security researcher postedRubén Santamarta, http://www.reversemode.com/index.php?option=com_content&task=view&id=70&Itemid=1, website last visited October 28, 2010. information regarding a vulnerability in MOXA Device Manager (MDM) Version 2.1. MOXA has confirmed this vulnerability and released Version 2.3 on November 11, …
CISA (ICS)
11/08/2010
Overview This advisory is a follow-up to ICS-ALERT-10-305-01 RealFlex RealWin Buffer Overflows , which was published on the ICS-CERT Web site on November 01, 2010. On October 15, 2010 an independent security researcher posted informationResearcher, http://aluigi.altervista.org/adv/realwin1-adv.txt, website last visited November 4, 2010. regarding vulnerabilities in RealFlex Technologies Ltd. RealWin SCADA …
CISA (ICS)
09/29/2010
OVERVIEW ICS-CERT has been actively investigating and reporting on the Stuxnet vulnerability. To date, ICS-CERT has released ICSA-10-201-01 - Malware Targeting Siemens Control Software (including Updates B & C) and ICSA-10-238-01 - Stuxnet Mitigations (including Update B). Stuxnet uses four zero-day exploits (two of which have been patched) and takes …
CISA (ICS)
09/21/2010
Overview This advisory is a follow-up to ICS-ALERT-10-260-01 SCADA Engine BACnet OPC Client Buffer Overflow , which was published on the ICS-CERT Web site on September 17, 2010. A buffer overflow vulnerability has been reportedSecunia Advisory SA41466, http://secunia.com/advisories/41466/, website last accessed September 21, 2010 in SCADA Engine’s BACnet OPC Client. …
CISA (ICS)
09/15/2010
Overview In July, ICS-CERT published an advisory and a series of updates regarding the Stuxnet malware entitled “ ICSA-10-201 USB Malware Targeting Siemens Control Software .” Since then, ICS-CERT has continued analysis of the Stuxnet malware in an effort to determine more about its capabilities and intent. As the analysis …
CISA (ICS)
08/16/2010
Overview An asset owner recently notified the ICS-CERT that a vendor support contractor had added an administrative-level account during installation of new control systems software. The support contractor intended the account to be the default used to train their people for all future work on those systems. The addition of …