ICS/OT

Researcher Discloses Several Vulnerabilities in Multiple SCADA Systems

Since the discovery of Stuxnet in 2010, there has been a bit of a bull’s eye on the software used to run industrial control systems. Just recently, Italian security researcher Luigi Auriemma poked a new set of holes in Supervisory Control and Data Acquisition (SCADA) products from a number of vendors, including Progea, Rockwell Automation, Cogent and Measuresoft.

Published

<p>Since the discovery of Stuxnet in 2010, there has been a bit of a bull’s eye on the software used to run industrial control systems. Just recently, Italian security researcher Luigi Auriemma poked a new set of holes in Supervisory Control and Data Acquisition (<strong>SCADA</strong>) products from a number of vendors, including Progea, Rockwell Automation, Cogent and Measuresoft.</p><p><img src="/sites/default/files/Industrial_Controls-SCADA.jpg" alt="SCADA Vulnerabilities" title="SCADA Vulnerabilities" width="250" height="166" style="float: right; margin: 5px;" /></p>

Since the discovery of Stuxnet in 2010, there has been a bit of a bull’s eye on the software used to run industrial control systems. Just recently, Italian security researcher Luigi Auriemma poked a new set of holes in Supervisory Control and Data Acquisition (SCADA) products from a number of vendors, including Progea, Rockwell Automation, Cogent and Measuresoft.

Nearly all of the security vulnerabilities can be exploited to remotely execute code. Back in March, Auriemma announced the discovery of nearly three dozen zero-day vulnerabilities in SCADA products as well.

“In my opinion the security of these products is not so high, I guess it’s because this sector remained almost “untouched” till the arrival of Stuxnet,” the researcher told SecurityWeek.

For those that don’t remember, Stuxnet was seen targeting Siemens SCADA software running on Windows. Though the exact motives behind the creation and spread of Stuxnet remain the source of speculation, it was it believed to be the first piece of malware to include a programmable logic controller rootkit and shined a bright light on the security of SCADA systems.

According to Auriemma, he was able to find this latest batch of vulnerabilities with minimal effort.

“I found [the vulnerabilities] in some minutes because it was just a very quick and lazy test and not something more complete like instead I did in March,” he said via email. “Some of the vulnerabilities are very trivial to exploit; for example in one it’s enough to choose the command to execute remotely so doesn’t require even a minimal skill.”

US-CERT’s Industrial Control Systems Cyber Emergency Response Team issued a spate of advisories of its own in response to Auriemma’s findings. The researcher’s own advisories – as well as proof-of-concepts – can be found here.

Related Reading: Are Industrial Control Systems Secure?

Advertisement. Scroll to continue reading.

Related Reading: How to Make the Smart Grid Smarter than Cyber Attackers

Related Reading: The Increasing Importance of Securing The Smart Grid

Related Reading: Stuck on Stuxnet – Are Grid Providers Prepared for Future Assaults?

In this article:

Related Content

Cloud SCADA

ICS/OT

UK Government Releases Cloud SCADA Security Guidance

UK’s NCSC releases security guidance for OT organizations considering migrating their SCADA solutions to the cloud.

March 18, 2024

ICS/OT

Cyber Insights 2024: OT, ICS and IIoT

In an age of increasing geopolitical tensions caused by actual wars, and the threat of Chinese action against Taiwan, OT is a target that...

March 6, 2024

ICS/OT

Podcast: Palo Alto Networks Talks IT/OT Convergence

SecurityWeek interviews Del Rodillas, Senior Director of Product Management at Palo Alto Networks, about the integration of IT and OT in the ICS threat landscape.

January 31, 2024

ICS/OT

Unpatched Rapid SCADA Vulnerabilities Expose Industrial Organizations to Attacks

Seven vulnerabilities found in Rapid SCADA could be exploited to gain access to sensitive industrial systems, but they remain unpatched.

January 18, 2024

ICS/OT

Breaches by Iran-Affiliated Hackers Spanned Multiple U.S. States, Federal Agencies Say

The Municipal Water Authority of Aliquippa was just one of multiple organizations breached in the U.S. by Iran-linked "Cyber Av3ngers" hackers

December 2, 2023

ICS/OT

Congressmen Ask DOJ to Investigate Water Utility Hack, Warning It Could Happen Anywhere

Members of Congress asked the U.S. Justice Department to investigate how foreign hackers breached a water authority near Pittsburgh, prompting CISA to warn other...

December 1, 2023

ICS/OT

Critical Infrastructure Stakeholders Gather for Day 2 of SecurityWeek’s 2023 ICS Cybersecurity Conference

SecurityWeek’s 2023 ICS Cybersecurity Conference continues in Atlanta, as hundreds of industrial cybersecurity stakeholders gather for Day 2 of the annual industrial cybersecurity conference.

October 25, 2023

ICS/OT

Watch Now: Exposing Common Myths of OT Cybersecurity

Join SecurityWeek and TXOne Networks for this webinar as we expose common misconceptions surrounding the security of Operational Technology (OT) and dive into the...

July 27, 2023

Copyright © 2024 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.

Exit mobile version