A summary of recent releases includes:
- Version 1.24 was released on May 14, 2013
- Version 1.23 was released on April 22, 2013
- Version 1.22 was released on February 27, 2013
- Version 1.21 was released on February 7, 2013
- Version 1.20 was released on December 21, 2012
- Version 1.19 was released on November 8, 2012
SCADA+ 1.25 modules include:
- MOXA AWK Search Utility DoS [0-day]
- Schneider Electric PLC Simulator 'sim.exe' Remote denial-of-service [0-Day]
- Mikrotik Syslog Server for Windows 1.15 Denial of Service
- Schneider Electric Ethernet Modules Multiple Service Default Hardcoded Credentials
- Multiple Schneider Electric Products 'ModbusDrv.exe' Local Buffer Overflow Vulnerability
ICS-CERT does not appear to have released any Alerts or Advisories for the MOXA AWK Utility, Schneider PLC Simulator / ModbusDrv, and Mikrotik vulnerabilities. This is expected, as these products are not directly related to ICS. The Schneider ModbusDrv.exe vulnerability was posted on SecurityFocus, which confirms that it is only locally exploitable, making it a relatively low-risk vulnerability. The Schneider Ethernet Module vulnerabilities have also been discussed on SecurityFocus, including details on exploit techniques. These can be exploited remotely, so they represent a moderate risk if these devices are present and unauthorized network access is obtained.
Additional details and references can be found for the other exploit modules included in the SCADA+ pack:
- Schneider Electric Ethernet Modules (Schneider / ICS-CERT / SecurityFocus)
- Schneider Electric Products 'ModbusDrv.exe' (Schneider / SecurityFocus)
Information on the Gleg SCADA+ Exploit Pack can be found here, as well as information on Immunity's CANVAS here.
As always, please post your comments or suggestions to improve the usefulness of this information.