DSecRG Releases WAGO PLC Zero-day Vulnerabilities

Friday, January 20, 2012

Alexander Polyakov


DSecRG Supports Project BaseCamp by Releasing WAGO PLC 0-day Vulnerabilities

One of the key events in SCADA and PLC security – the S4ICS Symposium – took place in Miami on January 18th and 19th.

Aside from several reports and SCADA security trainings, the results of a colossal project  dedicated to research of vulnerabilities in industrial controllers, was presented at the symposium.

The project was named Project Basecamp. The following industrial controllers were examined:

  • General Electric D20ME
  • Koyo/Direct LOGIC H4-ES
  • Rockwell Automation/Allen-Bradley ControlLogix
  • Rockwell Automation/Allen-Bradley MicroLogix
  • Schneider Electric Modicon Quantum
  • Schweitzer SEL-2032 (a communication module for relays)

The DSecRG (ERPScan subdivision) researchers decided to support the project by releasing their independent research, and added the 750 series WAGO controller to the list.

They have also published a variety of 0-day vulnerabilities for this controller and for the SCADA systems of wellintech KingSCADA and OPC Systems.NET, to draw the public attention to this problem once more.

The following links lead to the details about found vulnerabilities:

The results of the Project BaseCamp research are available here:

Possibly Related Articles:
Information Security
SCADA Zero Day Vulnerabilities Programmable Logic Controllers ICS Alexander Polyakov Industrial Control Systems plc DSecRG S4ICS Symposium Project Basecamp Wellintech KingSCADA 750 series WAGO controller OPC Systems.NET
Post Rating I Like this!
Michael Thibodeaux Great Posting,

Does anyone know if metasploit has been updated for these issues????

The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.