Today Joel Langill and Eric Byres are publishing a White Paper that analyzes the vulnerabilities for one of the product families, the ICONICS GENESIS HMI platform.
This White Paper covers:
• Vulnerability Details
• Affected Systems
• Detection and Removal
• Mitigations and Compensating Controls
• Frequently Asked Questions
• References
Although the vulnerabilities are relatively trivial, at a minimum they can be used to crash control system servers, causing a denial-of-service condition and loss of view. A more experienced attacker could exploit them to gain system access and then inject potentially malicious code.
This White Paper provides six measures that ICONICS GENESIS customers can take to protect their system from these vulnerabilities. Operators of other HMI products are advised to consider similar measures.
A blog article is also available about this White Paper:
"Protecting your ICONICS GENESIS SCADA HMI System from Security Vulnerabilities"
Byres Security Inc. - www.tofinosecurity.com