ReVuln Demos SCADA Zero Day Vulnerabilities


Security firm ReVuln recently released a video demonstrating zero day vulnerabilities in SCADA systems from General Electric, Schneider Electric, Eaton, Siemens and other companies.

"According to ReVuln, the vulnerabilities allow remote code execution, remote shells access and session hijacking on the PCs that form the foundation of the SCADA installations," The H Security reports. "If the claim is correct, attackers would have the ability to completely take over these systems since many of the control computers are inadvertently accessible over the internet due to their configurations."

"However, ReVuln hasn’t provided the details of the security holes to the organizations whose products are affected, because it only offers its services to companies and governments that request their aid," writes Softpedia's Eduard Kovacs. "This business model has become somewhat controversial, especially after French security firm VUPEN, which also deploys it, has been painted as a 'mercenary' organization that sells its findings only for serious amounts of money."

"However, the practice is not new," notes Techworld's Lucian Constantin. "It's been known for years in the security research community that some companies and independent researchers are selling information about unpatched vulnerabilities to governments and other private buyers, but such transactions used to be done discreetly."

"ReVuln [was] founded by independent security researcher Luigi Auriemma and former RIM security researcher Donato Ferrante," writes Help Net Security's Zeljka Zorz. "Auriemma is well known in the security community for his work in discovering vulnerabilities [in] any and every kind of software, but in the last few years he has been mostly focusing on ferreting out SCADA vulnerabilities and creating exploits for them."

"Last week Russian developer Positive Technologies said 40 percent of SCADA systems 'available from the internet' were hackable. ... The volume of SCADA vulnerabilities being uncovered makes [ReVuln's] claims, which would have been considered fanciful two years ago, more than credible -- even though they remain unproven," writes The Register's John Leyden.