Italian security researcher Luigi Auriemma has released details and proof of concept code for 6 vulnerabilities affecting popular SCADA systems.
The same researcher released details on 34 SCADA vulnerabilities in March, 2011.
The vulnerabilities range from denial of service attacks, to information disclosure, to complete remote code execution.
The affected products are:
- Beckhoff TwinCAT 'TCATSysSrv.exe' Network Packet Denial of Service Vulnerability
- Rockwell RSLogix Overflow Vulnerability
- Measuresoft ScadaPro Multiple Vulnerabilities
- Cogent DataHub Multiple Vulnerabilities
- AzeoTech DAQFacstory Stack Overflow
- Progea Movicon Multiple Vulnerabilities