http://www.theregister.co.uk/2011/12/14/scada_bugs_threaten_criticial_infrastructure/ By Dan Goodin in San Francisco The Register 14th December 2011 An electronic device used to control machinery in water plants and other industrial facilities contains serious weaknesses that allow attackers to take it over remotely, the US agency that safeguards the nation's critical infrastructure has warned. Some models of the Modicon Quantum PLC used in industrial control systems contain multiple hidden accounts that use predetermined passwords to grant remote access, the Industrial Control System Cyber Emergency Response Team said in an advisory (PDF) issued on Tuesday. Palatine, Illinois–based Schneider Electric, the maker of the device, has produced fixes from some of the weaknesses and continues to develop additional mitigations. The PLCs, or programmable logic controllers, reside at the lowest levels of an industrial plant, where computerized sensors meet the valves, turbines, or other machinery that's being controlled. The default passwords are hard-coded into Ethernet cards the systems use to funnel commands into the devices, and temperatures and other data out of them. The Ethernet modules also allow administrators to remotely log into the machinery using protocols such as telnet, FTP, and something called the Windriver Debug port. According to a blog post published on Monday by independent security researcher Rubén Santamarta, the NOE 100 and NOE 771 modules contain at least 14 hard-coded passwords, some of which are published in support manuals. Even in cases where the passcodes are obscured using cryptographic hashes, they are trivial to recover thanks to documented weaknesses in the underlying VxWorks operating system. As a result, attackers can exploit the weakness to log into devices and gain privileged access to its controls. [...] _____________________________________________________ Subscribe to InfoSec News - www.infosecnews.org http://www.infosecnews.org/mailman/listinfo/isnReceived on Wed Dec 14 2011 - 01:37:50 PST
This archive was generated by hypermail 2.2.0 : Wed Dec 14 2011 - 01:42:11 PST