China Sleeps On A Stuxnet-Like SCADA Bug

One of the most widely used SCADA (supervisory control and data acquisition) applications in China may be harboring a critical security vulnerability that could allow an attacker to exploit the bug
and execute arbitrary code.

One of the most widely used SCADA (supervisory control and data acquisition) applications in China may be harboring a critical security vulnerability that could allow an attacker to exploit the bug
and execute arbitrary code.

The hole was discovered in an application produced by Wellintech, a Beijing based professional automation software company, according to Dillon Beresford, a security researcher at NSS Labs. Beresford wrote about the hole on his blog

The hole is in the KingView Software, industrial automation software. That software is widely used within China and a vulnerable version of the software is available for download from Wellintech’s site, he said. 

After he found the hole in September, Beresford informed Wellintech and CN-CERT, China’s national Computer Emergency Response Team, but hasn’t heard back from either. He said he is not aware of any patches or other remediation efforts to address the issue to date. Inquiries by the researcher to US-CERT suggested that no action had been taken on the vulnerability. 

Threatpost requests for comment from Wellintech and US-CERT were not returned prior to publication. 

Beresford
wrote a TCP bind shell script using The Metasploit Framework that is capable of exploiting the
vulnerability. That script has been submitted to Exploit-DB, an archive of exploits and
vulnerable software.

The security of SCADA and industrial control systems has become an area of widespread concern since the discovery of the Stuxnet worm in 2010. That worm, which targeted programmable logic controllers by Siemens Inc. is widely believed to have targeted uranium enrichment facilities in Iran, but spread to other countries, as well, including India. By addressing this vulnerability, China and Wellintech could
be potentially curbing the risk of a Stuxnet
or Aurora
type mishap.

Suggested articles

Discussion

  • Expatriated American Patriot on

    Actually it would be very good for the free world if the chinese had a lot of bugs in their SCADA software. Cyber-warfare would be a good method to save american and aussie lives inthe inevitable war against communist China.

    Communist China will soon be the number one enemy of democracies worldwide. Australia is already openly arming itself with lot of new naval and air force military hardware, because they expect a full chinese military invasion in 20 years.

    Russia is foolish to ally with China, because as soon as the chinese win against America and NATO/SEATO, the 1.3 billion chinese people will invade Siberia and push Russia back to the european side of the Urals. Russia should ally with India rather than China, to create a counter-weight in Asia.

  • Anonymous on

    Dear Expatriated American Patriot,

    I am Australian and am not of the belief China will invade.

    You must be on drugs. Seriously...

  • China Cyber Warefar ...... on

    For both of you, Expatriated American Patriot & Anonymous come to the International CyberWarfare Event in London at the end of the month and i will share with you how it has already started.....

    http://www.iqpc.com/Event.aspx?id=386992

     

    Semper Fi -

  • Anonymous on

    They don't actually have to invade, they are already winning the econ war over both US and all the West including Australia. The cyber espionage supports both the military and the state owned econ warfare machine. They will take all the value add manufacturing jobs and leave you nothing but resource extraction work. You can look forward to your kid being a miner working for a Chinese company - consider the death rate in Chinese mining or maybe if he or she is lucky they can get a job as a servant for a Chinese manager. China will not actually invade unless your kids misbehave. 

     

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.