Thursday, March 17, 2011

Agora+ SCADA Exploit Pack for CANVAS

GLEG ltd. is pleased to announce Agora SCADA+ exploit pack that is entirely focused on industrial software and hardware vulnerabilities.
The initial version of Agora SCADA+ cotains:
All scada modules recenlty posted to Agora. (which is 11 modules with 2 0days) plus:
  • [0day] SCADA. Atvise bug
  • [0day] SCADA. ClearScada DBServer DOS and sensitive information disclosure
  • [0day] SCADA. ClearScada DOS. allows to crash multiple scada services
  • [0day] DataRate SCADA WebControl and RuntimeHost services bugs
  • [0day] Indusoft SCADA Webstudio 6.1 sp6 bug
  • [0day] Indusoft SCADA web studio 7.0 heap corruption. PoC.
  • [0day] DoS for OPC Modbus Ethernet Server
  • ITS scada SQL Injection. no CVE. public
  • Automated Solutions Modbus/TCP OPC Server Remote Heap Corruption PoC. CVE-2010-4709
  • BACnet OPC client before 1.0.25 arbitrary code execution. CVE-2010-4740
  • Advantech Studio 6.1 Web server DoS. CVE-2011-0488
  • ICONICS Dialog Wrapper Module ActiveX control exploit. CVE-2006-6488. soft is still frequent
Total 23 modules including 9 0days.
Posted by Joel Langill at 8:20 AM

3 comments:

  1. фывафывафыа

    ReplyDelete

  2. Only 9 0-days? I know Stuxnet only had 4, but Luigi published 34.... ICS-CERT is going to be busy again today.

    ReplyDelete

  3. Joel,
    please let me inform you, I develop PLC and Scada training center.
    the schedule klik : Jadwal Training PLC and Scada

    Salam,
    Iman

    ReplyDelete

Subscribe to: Post Comments (Atom)