http://www.v3.co.uk/v3-uk/news/2323339/uk-critical-infrastructure-at-risk-from-scada-security-flaw
By Alastair Stevenson
V3.co.uk
16 Jan 2014
The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT)
has called for businesses involved in critical infrastructure to be extra
vigilant as it investigates a potential critical flaw in a commonly used
SCADA system.
ICS-CERT issued the warning in a security advisory after security
researcher Luigi Auriemma uncovered a vulnerability that left many of the
world's SCADA systems at risk.
"ICS-CERT is aware of a public report of a buffer overflow vulnerability
with proof-of-concept (PoC) exploit code affecting Ecava IntegraXor, a
supervisory control and data acquisition/human-machine interface
(SCADA/HMI) product," said the advisory.
"IntegraXor is currently used in several areas of process control in 38
countries with the largest installation based in the United Kingdom,
United States, Australia, Poland, Canada, and Estonia. ICS-CERT recommends
that users take defensive measures to minimise the risk of exploitation of
these vulnerabilities."
[...]
--
Subscribe to InfoSec News
http://www.infosecnews.org/subscribe-to-infosec-news/
