According to InformationWeek, security researcher Luigi Auriemma has released detailed proof-of-concept attacks for 35 vulnerabilities in supervisory control and data acquisition (SCADA) systems.
CRN reports that the flaws impact Siemens Tecnomatix FactoryLink 184.108.40.2063, Iconics GENESIS32 9.21 and GENESIS64 10.51, 7-Technologies IGSS 9.00.00.11059 and DATAC RealWin 2.1 (Build 220.127.116.11).
While many of the vulnerabilities pose little danger other than a system crash, there are two notable exceptions: Siemens Tecnomatix FactoryLink can be made to download a file, creating the possibility of a remote code execution attack. In addition, 7-Technologies IGSS software is at risk of arbitrary file execution.
PCWorld reports that the findings prompted U.S. CERT's Industrial Control Systems Cyber Emergency Response Team to issue four alerts. But Auriemma downplays the risk:
"In my opinion there is absolutely no risk because these systems are not made to be reached via the internet ... If an attacker reaches the vulnerable systems, it means the security of the company has been already compromised before."
Siemens is no stranger to SCADA vulnerabilities. Its WinCC product was targeted by the Stuxnet malware, which is widely believed to have been developed by a government. It is thought to have been created to disrupt uranium enrichment efforts.