ICS-CERT (Industrial Control Systems Cyber Emergency Response Team), under the Department of Homeland Security of the US government, has issued an alert of a possible SCADA vulnerability affecting solar power plants.
The affected product is the Sinapsi eSolar Light Photovoltaic System Monitor which is used to communicate with photovoltaic inverters, gauges, energy meters, network analysers etc. The exploit allows a hacker to “remotely connect to the server and executing remote code, possibly affecting the availability and integrity of the device,” according to the report issued at the CERT website.
The vulnerabilities are exploited by authenticating to the service using hard coded credentials as per two security researchers, Roberto Paleari and Ivan Speziale, who identified the vulnerable system as the Schneider Electric Ezylog photovoltaic SCADA management server. It is stated to suffer from multiple vulnerabilities including SQL injection vulnerabilities and hard coded authorizations.
ICS-CERT has a working proof of concept code and has contacted the vendor of the software to confirm the vulnerability and identify mitigations. This is days after Defense Secretary Leon Panetta had warned about possible ‘cyber Pearl Harbour’ in a speech at the Interpid Air and Space Museum. SCADA systems are the underlying control systems of important national infrastructures such as power plants and even small cyber-attacks on them could have big repercussions on the nation as a whole.
Source: ICS-CERT (PDF)
Via: Naked Security