Blog Posts Tagged with "ICS-CERT"

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: ABB Multiple Components Buffer Overflow

April 11, 2012 Added by:Infosec Island Admin

Researchers have identified a buffer overflow vulnerability in multiple components of the ABB WebWare Server application which could lead to a denial-of-service for the application and privilege escalation or could allow an attacker to execute arbitrary code...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: 3S-Software CoDeSys Improper Access Control

April 10, 2012 Added by:Infosec Island Admin

ICS-CERT is aware of a public report of improper access control vulnerability affecting 3S-Software CoDeSys which could allow an attacker can upload unauthenticated configuration changes to the PLC which may include arbitrary code...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Wago IPC Multiple Vulnerabilities

April 09, 2012 Added by:Infosec Island Admin

Multiple vulnerabilities affecting the WAGO IPC 758-870, which is an embedded Linux programmable logic controller (PLC)could allow an attacker to gain unauthorized access or to make unauthenticated configuration changes, which may include arbitrary code...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: ABB WebWare Server Buffer Overflow

April 06, 2012 Added by:Infosec Island Admin

Researchers have identified a buffer overflow vulnerability in multiple components of the ABB WebWare Server application which if exploited could lead to a denial-of-service for the application and privilege escalation or could allow an attacker to execute arbitrary code...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Invensys Wonderware Server Multiple Vulnerabilities

April 04, 2012 Added by:Infosec Island Admin

Researchers have identified multiple vulnerabilities in the Invensys Wonderware Information Server which if exploited could allow denial of service, information disclosure, remote code execution, or session credential high jacking. Invensys has developed a security update...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Invensys Wonderware Buffer Overflow Vulnerability

April 02, 2012 Added by:Infosec Island Admin

Researchers identified two buffer overflow vulnerabilities in the WWCabFile component of the Wonderware System Platform, and successful exploitation of these vulnerabilities will cause a buffer overflow that may allow remote code execution...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Rockwell Automation FactoryTalk Vulnerability

March 29, 2012 Added by:Infosec Island Admin

Researchers have identified two vulnerabilities that may result in a denial-of-service (DoS) condition in the Rockwell Automation FactoryTalk (FT) application which if successfully exploited may result in a Denial of Service condition...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Ecava IntegraXor Path Traversal Vulnerability

March 26, 2012 Added by:Infosec Island Admin

Researchers Billy Rios and Terry McCorkle have identified a Path Traversal vulnerability when a specially crafted HTML document is opened on the Ecava IntegraXor server. Successful exploitation could allow file manipulation or arbitrary code execution...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Increasing Threat to Industrial Control Systems

March 21, 2012 Added by:Infosec Island Admin

ICS-CERT is monitoring an increase in a combination of threats that increase the risk of control systems attacks. These include Internet accessible ICS configurations, vulnerability and exploit tool releases, and increased interest and activity by hacktivist groups and others...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

Understanding Industrial Control System Vulnerabilities

March 21, 2012 Added by:Infosec Island Admin

A mission-critical control system is typically configured in a fully-redundant architecture allowing quick recovery from loss of various components in the system. A backup control center is used in more critical applications to provide a secondary control system...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Windows Remote Desktop Protocol Vulnerability

March 20, 2012 Added by:Infosec Island Admin

ICS-CERT is aware of a public report of a Remote Desktop Protocol (RDP) vulnerability, which with successful exploitation in the control systems environment could lead to system processes freezing and potentially allow remote code execution...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: GE Intelligent Platforms Proficy Historian Data Advisory

March 15, 2012 Added by:Infosec Island Admin

ICS-CERT received a report from GE Intelligent Platforms concerning a memory corruption vulnerability in the GE Intelligent Platforms Proficy Historian Data Archiver could allow an attacker to cause the service to crash, and may lead to arbitrary code execution...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: GE Intelligent Platforms Proficy Plant Vulnerability

March 14, 2012 Added by:Infosec Island Admin

ICS-CERT received a report concerning multiple memory corruption vulnerabilities in the GE Intelligent Platforms Proficy Plant Applications which could allow an attacker to cause multiple Proficy services to crash, which may lead to arbitrary code execution...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: GE Intelligent Platforms Directory Traversal Vulnerability

March 13, 2012 Added by:Infosec Island Admin

ICS-CERT received a report from GE Intelligent Platforms and the Zero Day Initiative concerning a directory traversal vulnerability in the GE Intelligent Platforms which could allow an attacker to create or overwrite a file on systems running the Real-Time Information Portal...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Solar Flare Disruption Advisory

March 09, 2012 Added by:Infosec Island Admin

The resulting geomagnetic storms can cause aurora at low latitudes and disrupt satellite and high frequency radio communication, GPS, and power grids. ICS-CERT requests that any issues affecting control systems in critical infrastructure environments be reported...

Comments  (2)

201d6e4b7cd0350a1a9ef6e856e28341

Are DOE and DHS Helping to Secure the Infrastructure or Not?

March 08, 2012 Added by:Joe Weiss

DOE and the utilities are in an effort to secure the Grid. Yet the utilities voted down Version 5 of the NERC CIPs. Many of the devices that have been demonstrated to be vulnerable would not be addressed by NERC. Who is responsible for protecting critical infrastructure?

Comments  (0)

Page « < 3 - 4 - 5 - 6 - 7 > »