GE Hit by Vulnerability

Friday, January 20, 2012 @ 01:01 PM gHale


There are multiple vulnerabilities with proof-of-concept (PoC) exploit code affecting the General Electric (GE) D20ME, part of the GE D20Substation Controller product, according to a report from ICS-CERT.

The vulnerability is exploitable by utilizing TFTP connections to the controller, according to security researcher Reid Wightman, who revealed the vulnerability at the S4 conference this week.

RELATED STORIES
Schneider: More Patches for Module Hole
Certec DoS Hole Patched
Rockwell FactoryTalk Vulnerability
Rockwell Adds More Platform Patches

ICS-CERT has notified GE of the report and has asked GE to confirm the vulnerability and identify mitigations.

ICS-CERT issued the alert to provide early notice of the report and identify baseline mitigations for reducing risks to these and other cyber security attacks.

The report included vulnerability details and PoC exploit code for the following vulnerabilities that are remotely exploitable: Data leakage that could lead to a leakage of authentication credentials and arbitrary code execution where an attacker could execute arbitrary commands and denial of service.

ICS-CERT is currently coordinating with GE and the researcher to identify mitigations.



Leave a Reply

You must be logged in to post a comment.