<iframe src="//www.googletagmanager.com/ns.html?id=GTM-TT8R4P" height="0" width="0" style="display:none;visibility:hidden">

Sonatype Blog

Stay updated on the latest news from the makers of Nexus

CERT Warns On Critical Hole In SCADA Software By Italian Firm Progea

Threatpost – (International) CERT warns on critical hole in SCADA software by Italian firm Progea. The DHS issued a bulletin May 10 warning about a previously undisclosed, critical vulnerability in Movicon 11, a product used to manage critical infrastructure including the manufacturing, energy, and water sectors. The Industrial Control Systems Cyber Emergency Response Team posted an advisory that warned customers of Progea Srl that a memory corruption vulnerability in the Movicon Human Machine Interface software could allow a remote attacker to knock Movicon devices offline using a specially crafted HTTP POST request sent to the Movicon OPC server component. Progea issued a fix for the problem.

Source: http://threatpost.com/en_us/blogs/cert-warns-critical-hole-scada-software-italian-firm-progea-051112

Topics: component vulnerabilities AppSec Spotlight