Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Siemens fixes security flaws in SCADA industrial control systems

From: InfoSec News <alerts () infosecnews org>
Date: Tue, 14 Jun 2011 00:12:13 -0700 (MST)
http://news.techworld.com/security/3285507/siemens-fixes-security-flaws-in-scada-industrial-control-systems/

By Robert McMillan
Techworld.com
13 June 11
Siemens has fixed bugs in its Simatic S7 industrial computer systems, used to control machines on factory floors, power stations and chemical plants.
The patches, released Friday, mark Siemens' first response to a high profile computer security incident since the Stuxnet worm, which was discovered a year ago circulating on computer networks in Iran.
Siemens fixed a pair of flaws in the S7-1200 controller, acknowledging that one could be leveraged to take control of the system using what's known as a replay attack. A second flaw, in a web server that ships with the device, could give attackers a way to crash the system. However, the attacker would have to first find a way onto the victim's network before launching these attacks.
Siemens had been scrambling to fix the bugs since they were discovered earlier this year by Dillon Beresford, a researcher with security vendor NSS Labs. Beresford had hoped to discuss the issues at a hacking conference in May, but pulled out of the event when it became clear that Siemens could not fix the problem in time. 

[...]


___________________________________________________________
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery
Network, Cisco Switches, SAS 70 Type II Datacenter.
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/
Previous By Date Next
Previous By Thread Next

Current thread: