Serious hole in critical-infrastructure software, says U.S.

The U.S. government is warning critical-infrastructure operators of a serious
hole in software used in oil and gas; water; electric utilities; and
manufacturing plants around the world.

The stack overflow vulnerability affects the Genesis32 supervisory control
and data acquisition (SCADA) and BizViz software sold by ICONICS, according to
an advisory (PDF)
released yesterday by the Department of Homeland Security’s ICS-CERT (Industrial
Control Systems Cyber Emergency Response Team). ICONICS has issued a patch to
close the hole, which could allow an attacker to remotely execute code and take
control of the computer.

Meanwhile, an exploit targeting the vulnerability was publicly available, the
advisory said. To be successful, an attacker would need to use social
engineering to lure a user with the “GenVersion.dll” (dynamic-link library)
ActiveX control installed to visit a Web page that hosts malicious JavaScript.
The dynamic-link library is a component of WebHMI (human machine interface) used
in the ICONICS software, according to the advisory, which cited a report (PDF)
by researchers at

“This vulnerability requires moderate skill to exploit,” the warning said.

Fifty-five percent of the Genesis32 installations are in the U.S., 45 percent
are in Europe, and 5 percent are in Asia, according to Foxborough, Mass.-based

The advisory comes less than two months after the ISC-CERT and several
researchers warned of a handful of holes in
different SCADA software.

Security issues with software used to monitor and control
critical-infrastructure systems are cropping up more and more as those systems
adopt Web-based technologies that provide channels into previously isolated

Read more:

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: