IN11-505: Canadian CCIRC Vulnerability Note

The Canadian Cyber Incident Response Centre (CCIRC) Information Note IN11-505 on Cyber Threats and Vulnerabilities Against SCADA Systems summarizes hundreds of pages of security bulletins into a succinct document.

This note covers 14 important vulnerabilities.

CCIRC IN11-505 (PDF version - 33 kb)  No distribution permitted – see details below.

CCIRC IN11-505 (text version - 41 kb)  No distribution permitted – see details below.

The vulnerabilities covered are:

  1. Solar Magnetic Storm Impact on Control Systems
  2. Advantech/BroadWin WebAccess RPC Vulnerability
  3. Multiple Vulnerabilities in Siemens Tecnomatix FactoryLink
  4. Gleg Agora SCADA + Exploit Pack
  5. Wonderware InBatch Client ActiveX Buffer Overflow
  6. Honeywell ScanServer ActiveX Control
  7. ICONICS GENESIS Multiple Vulnerabilities
  8. RealFlex RealWin Multiple Vulnerabilities
  9. 7-Technologies IGSS ODBC Remote Stack Overflow
  10. 7-Technologies IGSS Multiple Vulnerabilities
  11. Samsung Data Management Server
  12. Samsung Data Management Server Root Access
  13. Advantech Studio ISSymbol ActiveX Control Buffer Overflow Vulnerabilities
  14. ICONICS GENESIS32 and BizViz ActiveX Stack Overflow

No distribution permitted

You are accessing this document because you are a bona fide ICS or SCADA security professional.  Do not redistribute this information or post it on the internet. 

If you know someone who would like this document, please send them the link to register for this website to obtain access. (You cannot go to this link if you are logged into this website. The link works for people who are not logged in.)

Related Links

"Protecting your ICS from Zero-Day Attacks (plus Video)" - This blog article and excellent video address how a specific zero-day attack works against a Siemens FactoryLink HMI system. Applies to Vulnerability 3 of CCIRC IN11-505. The video also demonstrates how the vulnerability can be mitigated using an industrial firewall.

"Analysis of the 7-Technologies IGSS Security Vulnerabilities for Industrial Control System Professionals" - This White Paper analyzes the IGSS vulnerabilities and provides 6 Compensating Controls for protecting SCADA systems. Applies to Vulnerabilities 9 and 10 of CCIRC IN11-505.

"Protecting your ICONICS GENESIS SCADA HMI System from Security Vulnerabilities (plus White Paper)" - This blog article and accompanying White Paper analyze the GENESIS vulnerabilities and describe six measures that operators can take to protect ICS and SCADA systems. Applies to Vulnerabilities 7 and 14 of CCIRC IN11-505.

"More SCADA Security Threats: Where There’s Smoke, There’s Fire" - This blog article discusses how once a vulnerability is identified, it is often easy to find more.

"The Italian Job – Multiple SCADA/ICS Vulnerabilities Go Public" - In this blog article Eric Byres gives his perspective and concerns about the multiple vulnerabilities released by Luigi Auriemma, an Italian researcher. March 23, 2011
More SCADA Vulnerabilities Found