Modules of interest in this release represent the bulk of the ICS/SCADA vulnerabilities disclosed in September, including:
- Rockwell's RSLogix5000 DoS
- SCADAPRO buffer overflow / DoS
- Cogent Datahub
- Sunway httpsvr.exe unauthenticated remote command execution
- Sunway AngelServer DoS
- Sunway SNMP NetDBServer stack-based buffer overflow
- Advantech Web Studio DoS 0-day
I would like to comment that several of these vulnerabilities were disclosed with public PoC code, including:
- Rockwell RSLogix 5000 DoS
- SCADAPro Stack Overflow
- Cogent Datahub Buffer Overflow
- Sunway HTTPSVR.exe Remote Code Execution
- Sunway SNMP Stack Overflow
I have created a new list of new SCADA/ICS vulnerabilites, complete with PoC (if available) and additional references at SCADAhacker.com. I am about a week behind, but intend to keep this current and up to date as new vulnerabilities are disclosed.
As always, please post your comments or suggestions to improve the usefulness of this information.
I read the article you mentioned in this blog. It is very helpful and provide complete information on ICS SCADA. Thanks for sharing valuable information.
ReplyDeleteThis comment has been removed by the author.
ReplyDelete