Critical Infrastructure Security

Fixes remain elusive for Rapid SCADA vulnerabilities threatening industrial orgs

SecurityWeek reports that seven vulnerabilities within the open-source industrial automation platform Rapid SCADA used in monitoring and control system development continue to be unaddressed despite being reported by Claroty researchers in July, placing sensitive industrial systems at risk. Threat actors could leverage the flaws, which include one critical and two high-severity issues, to compromise sensitive files and administrator passwords, while facilitating privilege escalation and arbitrary code execution, according to an advisory from the Cybersecurity and Infrastructure Security Agency, whose attempts to communicate the vulnerabilities to Rapid SCADA developers were also ignored. Some of the security issues could also be used to enable remote code execution and eventually permit total server takeovers, noted Claroty vulnerability researcher Noam Mosche. "After a successful exploit, the attackers could alter the behavior of services controlled by the Rapid SCADA server, move laterally inside the victims networks, etc," said Mosche.

Related

Third-party ransomware attack threatens Sweden’s liquor supply

Swedish government-owned liquor retailer Systembolaget, which is the country's lone vendor of alcoholic beverages, has warned of a shortage of some beers, wines, and spirits across the country following a ransomware attack against its distributor Skanlog, which its CEO Mona Zuko has attributed to a North Korean state-sponsored threat operation, according to The Record, a news site by cybersecurity firm Recorded Future.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.