Monthly Archives: September 2008

CitectSCADA Exploit Release

SNOsoft/Netragard’s Kevin Finisterre recently released an Exploit, not Attack Code, to demonstrate that a critical vulnerability does exist in Citect’s CitectSCADA product. This code was released so that users of the product could accurately determine their own level of risk and exposure, as well as the seriousness of that risk as it relates to their infrastructure. This code was released after the vendor, Citect, had created a fix for the vulnerability and after people had been given sufficient time to implement the fix.

It is important to understand that the risk to infrastructural businesses existed well before Kevin released his exploit code and well before Core Security released their advisory. The risk was born the moment the programming error in the CitectSCADA product happened. When Core Security identified the risk and notified the vendor, they began the process of defending infrastructural businesses against attack.

Citect responded very rapidly and appropriately to Core’s discovery and released a fix for the issue. Shortly thereafter, Kevin created a working Proof of Concept (“Exploit”) that enabled users of the CitectSCADA technology to test their own networks to see whether they were in fact vulnerable to attack. In addition, Kevin worked with other security experts to help get an Intrusion Detection Signature developed that would detect any attempt at attacking a vulnerable system. That signature is available here.

In all reality, Kevin’s exploit code was very unlikely to have been the first version. Chances are very high that other hackers had already created an exploit to penetrate the CitectSCADA computer systems. Kevin’s release of his version of an exploit for this vulnerability has a powerful negative impact on the value of the exploit to malicious hackers. When a […]


