May 2, 2018 at 07:56AM
A severe vulnerability in a widely used industrial control software could have been used to disrupt and shut down power plants and other critical infrastructure. From a report: Researchers at security firm Tenable found the flaw in the popular Schneider Electric software, used across the manufacturing and power industries, which if exploited could have allowed a skilled attacker to attack systems on the network. It's the latest vulnerability that risks an attack to the core of any major plant's operations at a time when these systems have become a greater target in recent years. The report follows a recent warning, issued by the FBI and Homeland Security, from Russian hackers. The affected Schneider software, InduSoft Web Studio and InTouch Machine Edition, acts as middleware between industrial devices and their human operators. It's used to automate the various moving parts of a power plant or manufacturing unit, by keeping tabs on data collection sensors and control systems. But Tenable found that a bug in that central software could leave an entire plant exposed.
Read more of this story at Slashdot.