Security researcher Luigi Auriemma has released proof of concept code for 34 vulnerabilities affecting popular SCADA systems. The majority of the vulnerabilities allow remote code execution on Internet connected systems, with the remaining offering access to stored data.
“SCADA is a critical field but nobody really cares about it,” said the researcher. “That's also the reason why I have preferred to release these vulnerabilities under the full-disclosure philosophy.”
Affected products are:
- DATAC RealWin 2.1 (Build 184.108.40.206) (SCADA)
- 7-Technologies IGSS 9.00.00.11059 (SCADA)
- GENESIS32 9.21(SCADA)
- GENESIS64 10.51 (SCADA)
- Siemens Tecnomatix FactoryLink 220.127.116.113 (SCADA)