Friday, April 22, 2011

Gleg releases Ver 1.1 of the SCADA+ Pack for Canvas

Gleg Ltd. announced the availability of Release 1.1 of the SCADA+ pack for Immunity's Canvas.

Here are the details of the release contents:

  • Beckhoff TwinCAT ENI Server v1.1.6.0 (zero day)
  • Iconics Genesis32/64 DoS via GenBroker.exe (initially a zero day; since patched by Iconics)
  • KingView 6.53 Remote Exploit (CVE-2011-0406)

The release also includes several of the modules developed around the Luigi Auriemma disclosure:
  • Iconics GENESIS32/GENESIS64 - 12 of 13 covered (just PoC at this point)
  • Siemens Tecnomatix FactoryLink - 1 of 6 covered
  • 7-Technologies IGSS - 7 of 8 covered
  • DATAC/RealFlex RealWin - 6 of 8 covered

Some additional comments:

I have provided details on my web page of how to build and exploit a test system utilizing the KingView 6.53 remote exploit.  Complete instructions and download links are available in the Resources section of

I will be presenting a short session on how to convert one of the Luigi vulnerabilities into a working remote exploit at the upcoming U.S. Dept. of Homeland Security - Control Systems Security Program - Industrial Control System Joint Working Group (ICSJWG) Spring Conference in Dallas, TX on Tuesday, May 3. I will post this presentation on my website on the About page under "Technical Papers and Conferences", along with details in the Resources section under "SCADA/ICS System Exploits".
