Tenable Releases New SCADA Plugins
Supervisory Control And Data Acquisition, or SCADA, generally refers to the computers that control industrial and infrastructure systems. These include systems found in power plants, nuclear reactors, commercial buildings and more. The last few weeks have seen another serious blow to the perception of SCADA security.
On March 21st, Luigi Auriemma posted to the Full-Disclosure mail list announcing his research and vulnerability findings in SCADA products from vendors such as Siemens, Iconics, 7-Technologies and DATAC. Auriemma’s post included links to 34 advisories ranging from overflows to denial of service. Due to the sensitive nature of SCADA systems and the resources they control, his research made the news. A day later, Ruben Santamarta (aka reversemode) announced the availability of vulnerability information in SCADA vendors including Advantech/BroadWin and CSE-Semaphore. The next day, US-Cert issued an advisory about SQL injection vulnerability in Ecava IntegraXor, another SCADA system.
Gleg, a Moscow based security company, announced that they were updating their recently released Agora SCADA+ vulnerability pack (containing 11 0-day SCADA vulnerabilities) with exploit code for the vulnerabilities disclosed by Auriemma. Gleg’s exploit pack is a drop-in module for Immunity’s CANVAS exploit framework.
Building on Nessus’ ability to scan for vulnerabilities in SCADA systems, Tenable has released 7 new plugins over the last week:
- Movicon TcpUploadServer Data Leakage (remote check)
- Movicon TcpUploadServer Detection
- Movicon < 11.2 Build 1084
- Movicon Detection
- IGSS Data Server Directory Traversal
- 7-Technologies IGSS Detection
- RealWin < 2.1.10 Multiple Packet Type Processing Overflows
Tenable will continue to develop plugins to assist SCADA administrators in securing their networks and is committed to helping our customers test and monitor SCADA devices and control system technologies. Our partner, Digital Bond, has written dozens of Nessus audit polices for a wide variety of control system applications that are available to the general public. In addition, Tenable’s Passive Vulnerability Scanner can be deployed to continuously monitor control systems to detect a wide variety of protocols, applications and vulnerabilities.
Related Articles
Study: Tenable Offers Fastest, Broadest Coverage of CISA's KEV Catalog
October 23, 2023Tenable ranked first in multiple vulnerability management categories, including the most comprehensive coverage and quickest detection of CISA's Known Exploited Vulnerabilities, according to a Miercom report commissioned by Tenable.
Tuning Network Assessments for Performance and Resource Usage
September 13, 2022Using the correct tool for the job and optimizing scanner placement will have a large impact on scan efficiency with Nessus, Tenable.io and Tenable.sc.
Terrascan Joins the Nessus Community, Enabling Nessus To Validate Modern Cloud Infrastructures
May 17, 2022The addition of Terrascan to the Nessus family of products helps users better secure cloud native infrastructure by identifying misconfigurations, security weaknesses, and policy violations by scanning Infrastructure as Code repositories.
CVE-2024-7593: Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability
August 14, 2024Ivanti released a patch for a critical severity authentication bypass vulnerability and a warning that exploit code is publicly available
Microsoft’s August 2024 Patch Tuesday Addresses 88 CVEs
August 13, 2024Microsoft addresses 88 CVEs with seven critical vulnerabilities and 10 zero-day vulnerabilities, six of which were exploited in the wild.
Compromising Microsoft's AI Healthcare Chatbot Service
August 13, 2024Tenable Research discovered multiple privilege-escalation issues in the Azure Health Bot Service via a server-side request forgery (SSRF), which allowed researchers access to cross-tenant resources.
- Nessus
- SCADA