Blog Posts Tagged with "human-machine interface"

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Removable Media Flash Drive Attacks

July 10, 2012 Added by:Infosec Island Admin

A shift supervisor was using a portable flash drive for downloading information from an HMI connected to the industrial control systems. Antivirus scanners run on the removable media, the HMI machine, and other systems found the Hamweq virus on the removable media, but the other systems were clean...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Sielco Sistemi Winlog Buffer Overflow

June 18, 2012 Added by:Infosec Island Admin

ICS-CERT is aware of a public report of a buffer overflow vulnerability with proof-of-concept exploit code affecting Sielco Sistemi Winlog. The vulnerability is exploitable by sending specially crafted requests to TCP/46824 which could result in a denial of service and remote code execution...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: xArrow Multiple Vulnerabilities

May 25, 2012 Added by:Infosec Island Admin

Security researcher Luigi Auriemma identified and released four security vulnerabilities, along with proof-of-concept code, in the xArrow software application which may cause a denial-of-service condition or allow an attacker to execute arbitrary code...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Pro-face Pro-Server EX Multiple Vulnerabilities

May 18, 2012 Added by:Infosec Island Admin

The vulnerabilities affecting Pro-face Pro-Server include invalid memory access, buffer overflow, unhandled exception, and memory corruption with proof-of-concept exploit code. According to this report, these vulnerabilities are exploitable via specially crafted packets...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Wonderware Unicode String Vulnerability

May 17, 2012 Added by:Infosec Island Admin

ICS-CERT is aware of a public report identifying an unallocated Unicode string vulnerability with proof-of-concept exploit code that affects the Invensys Wonderware SuiteLink service which could allow an attacker to remotely crash older versions of the service...

Comments  (0)

201d6e4b7cd0350a1a9ef6e856e28341

Is ICS-CERT Focused on the Right Issues?

February 21, 2012 Added by:Joe Weiss

Analysis of the incident database shows the most significant events from an impact perspective were control system related - yet they represent only 24 of the 203 advisories ICS-CERT put out in the last year. It appears ICS-CERT is focusing on the less important issues...

Comments  (2)