IN11-504: Canadian CCIRC Vulnerability Note

The Canadian Cyber Incident Response Centre Information (CCIRC) Information Note IN11-504 on Cyber Threats and Vulnerabilities Against SCADA Systems summarizes hundreds of pages of security bulletins into a succinct document.

This note covers 8 important Vulnerabilities.

Downloadable PDF Data sheet for the Modbus TCP Enforcer - describes features and benefits for modbus security CCIRC IN11-504  (28 kb)  No distribution permitted – see details below.

CCIRC IN11-504 (text version - 30 kb)  No distribution permitted – see details below.

The Vulnerabilities covered are:

  1. Recent disclosure of vulnerabilities with exploits proof-of-concept
  2. Samsung Data Management Server - SQL injection vulnerability
  3. BroadWin WebAccess RPC vulnerability
  4. Trihedral VTScada and Internet exposed control systems
  5. Wonderware InBatch Buffer Overflow
  6. Network Intrusion Detection Systems (IDS) signatures for SCADA
  7. Ecava IntegraXor Unauthenticated SQL vulnerability
  8. Control Systems and the use of wireless technologies

No distribution permitted

You are accessing this document because you are a bona fide ICS or SCADA security professional.  Do not redistribute this information or post it on the internet. 

If you know someone who would like this document, please send them the link:

http://www.tofinosecurity.com/user/register

to register for this website to obtain access. (You cannot go to this link if you are logged into this website.  The link works for people who are not logged in.)

Related Links

"Analysis of the 7-Technologies IGSS Security Vulnerabilities for Industrial Control System Professionals" .  This White Paper analyzes the IGSS vulnerabilities and provides 6 Compensating Controls for protecting SCADA systems.  Applies to Vulnerability 1 of CCIRC IN11-504.

"Protecting your ICONICS GENESIS SCADA HMI System from Security Vulnerabilities (plus White Paper)" -  This blog article and accompanying White Paper analyze the GENESIS vulnerabilities and describe 6 six measures that operators can take to protect ICS and SCADA systems. Applies to Vulnerability 1 of CCIRC IN11-504.

"More SCADA Security Threats: Where There’s Smoke, There’s Fire" -  This blog article discusses how once a vulnerability is identified, it is often easy to find more.  Applies to Vulnerability 1 of CCIRC IN-504.

"The Italian Job – Multiple SCADA/ICS Vulnerabilities Go Public” – in this blog article Eric Byres gives his perspective and concerns about Vulnerability 1 of CCIRC IN11-504.

ISSSource.com, March 23, 2011
More SCADA Vulnerabilities Found