We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Zero-Day Flaws Discovered in SCADA Systems

An Italian security researcher recently disclosed details about several zero-day vulnerabilities in supervisory control and data acquisition (SCADA) systems from several vendors.

The discovery -- the second such disclosure by researcher Luigi Auriemma this year -- is likely to reinforce concerns about weaknesses in the nation's critical infrastructure.

The most recent vulnerabilities affect SCADA products from Rockwell Automation, Cogent DataHub, Measuresoft and Progea, among other vendors.

Most of the vulnerabilities are remote code execution flaws that allow attackers to run code on the systems, and some of the flaws are easy to exploit, Auriemma said. At least three of the vendors have already issued fixes, and Rockwell is working on one, he said.

SCADA systems are used to control critical equipment at power plants, manufacturing facilities, water treatment plants and elsewhere. Security analysts fear that attacks against such systems could cripple critical infrastructure, including the electric grid and water supplies.

The Stuxnet worm, which exploited a weakness in a Siemens control system to disrupt operations at an Iranian nuclear power plant, is often cited as an example of the kind of threat that can be unleashed upon vulnerable SCADA systems.

This version of this story was originally published in Computerworld's print edition. It was adapted from an article that appeared earlier on Computerworld.com.

Read more about security in Computerworld's Security Topic Center.

IDG UK Sites

Galaxy S6 UK release date, price, specs: When is the Samsung Galaxy S6 coming out? Galaxy S6 launch6......

IDG UK Sites

5 things we hate about MWC: What it's like to be a journalist at a technology trade show

IDG UK Sites

Interview: Lauren Currie aims to help design students bridge skills gap

IDG UK Sites

12in Retina MacBook Air release date rumours: new MacBook Air to have fingerprint ID, could launch...