Over the past week, I have been digging into the Siemens S7 PLC vulnerabilities that were discovered by Dillon Beresford at NSS Labs in May. In the first blog article, I analyzed the contradictory information being circulated in an attempt to scrape out a few facts and guesses on what PLC products are actually affected and what the nature of the vulnerabilities are.
Practical SCADA Security
Control System Security Threats, Security / Reliability Incidents, Useful Industrial Cyber Security Tips
- Add new comment
In my previous blog, I analyzed the contradictory information being circulated regarding the Siemens S7 PLC vulnerabilities that were discovered by Dillon Beresford at NSS Labs in May. By studying the various Siemens and NSS notices, we were able to scrape out a few facts.
The recent news that Dillon Beresford at NSS Labs had discovered somewhere between four and six serious vulnerabilities in the Siemens S7 PLC product has created quite a storm of news and concern for critical asset owners. Unfortunately, information on the range and severity of the vulnerabilities has been contradictory.
In the past two months, the number of serious security vulnerabilities being reported in SCADA and ICS products has sky rocketed. In late March, I blogged about how Luigi Auriemma published 34 vulnerabilities (with free exploit code) for 4 popular HMI packages.
Readers of this blog are familiar with the significantly increased level of threat to industrial control systems (ICS) that the Stuxnet malware and the publication of many SCADA zero-day vulnerabilities have created.
- ‹ newer posts
- 23 of 33
- older posts ›