ICS-CERT Advisory (ICSA-16-070-01) Schneider Electric Telvent RTU Improper Ethernet Frame Padding Vulnerability

Posted: 03/11/2016 | Leave a Comment

David Formby and Raheem Beyah of Georgia Tech have identified a vulnerability caused by an Institute of Electrical and Electronics Engineers (IEEE) conformance issue involving improper frame padding in Schneider Electric’s Telvent SAGE 2300 and 2400 remote terminal units (RTUs). Schneider Electric has already released a revision that eliminates this vulnerability. This advisory serves as a notification of a new vulnerability in the previous software version. The researchers have tested the revision to validate that it resolves the reported vulnerability.

Website: https://ics-cert.us-cert.gov/advisories/ICSA-16-070-01

The DoD Cybersecurity Policy Chart

This chart captures the tremendous breadth of applicable policies, some of which many cybersecurity professionals may not even be aware, in a helpful organizational scheme.

View the Policy Chart

CSIAC Journal - Launching Innovation Through Medical Modeling and Simulation Technologies

This Special Edition of the Journal will provide a glimpse into current efforts to improve military medical training with simulation-based solutions.

Read the Journal

CSIAC Journal - Innovation Based Ecosystems

This issue of the Journal of Cyber Security & Information Systems explores how managing fast adoption modern-based system has more to do with understanding capabilities, interdependency between systems and effectively operating in the new paradigm than it has to do with differentiating product features.

Read the Journal