Arbitrary code execution in a controller, what could go wrong?
Siemens industrial control systems designed specifically for energy plant gear are riddled with dozens of security vulnerabilities that are, luckily enough, tricky to exploit from the outside.
The teams at Positive Technologies, Kaspersky Lab, and Biznet Bilisim took credit for finding and reporting 54 CVE-listed flaws in the SPPA-T3000 (PDF), an application server that handles the management of power plant controllers.
According to Siemens this week, the control system is "mostly used in fossil and large scale renewable power plants." The vulnerable components are usually protected by a firewall, meaning a hacker would most likely have to be positioned appropriately on the local network to exploit the bugs. Crucially, the miscreant would need access to a so-called highway component ..
Support the originator by clicking the read the rest link below.
