On October 20, Gleg released version 1.7 of the SCADA+ Exploit Pack for the Immunity Canvas framework, though this time around, I do not see a lot of unique value in the code updates.
Modules of interest in this release represent the bulk of the ICS/SCADA vulnerabilities disclosed in September, including:
- Rockwell's RSLogix5000 DoS
- SCADAPRO buffer overflow / DoS
- Cogent Datahub
- Sunway httpsvr.exe unauthenticated remote command execution
- Sunway AngelServer DoS
- Sunway SNMP NetDBServer stack-based buffer overflow
- Advantech Web Studio DoS 0-day
I would like to comment that several of these vulnerabilities were disclosed with public PoC code, including:
- Rockwell RSLogix 5000 DoS
- SCADAPro Stack Overflow
- Cogent Datahub Buffer Overflow
- Sunway HTTPSVR.exe Remote Code Execution
- Sunway SNMP Stack Overflow
I have created a new list of new SCADA/ICS vulnerabilities, complete with PoC (if available) and additional references at SCADAhacker.com. I am about a week behind, but intend to keep this current and up to date as new vulnerabilities are disclosed.
As always, please post your comments or suggestions to improve the usefulness of this information.