Always attentive and active in the industrial CyberSecurity field GE Digital promptly responded to the report received from ICS CERT (The Industrial Control Systems Cyber ​​Emergency Response Team https://ics-cert.us-cert.gov/) of the US DHS (Department Homeland Security) which resulted in some vulnerabilities discovered by researchers in the laboratory.

The good news is that GE Digital's platforms have proven safe when attacked remotely.

The vulnerabilities found within the software products of the Proficy family, called "Password Masking"   (and also reported by the site https://www.theregister.co.uk/2017/01/20/ge_scada_vulns/ they cannot be attacked from the outside: a possible IT incident could only be caused by local access to the installation on the systemby an attacker with a high level of knowledge of the systems in question. No incidents of this type have yet been reported.

The three vulnerabilities, as mentioned already remedied with the release of patches by GE Digital, concerned the software products iFix, Cimplicity and Historian.

In particular:

  • The CVE-2016-9360 vulnerability makes it possible for an attacker to log into a session by intercepting users' passwords locally. The GE Proficy HMI / SCADA iFIX 5.8, Proficy HMI / SCADA CIMPLICITY 9.0, and Proficy Historian 6.0 and earlier versions were found to be vulnerable. As mentioned, specific patches have already been made available
  • Another vulnerability makes it possible for an attacker or malware with local access to obtain the database passwords of iFIX 5.8 (Build 8255) and earlier versions. A patch to fix this vulnerability is already available
  • A third vulnerability makes it possible for a local attacker to block the application's access to the real-time database, causing an error in reading or writing data in the Proficy Historian database. A specific patch is already available for this too.

At this GE Digital link, information is available on the matter, the remediation plans with links to the patches:

https://digitalsupport.ge.com/communities/en_US/Article/GE-Digital-Security-Advisory-GED-16-02

ServiTecno has long been offering services and products for the safety and protection against IT risks of networks and automation, control and remote control systems: https://www.servitecno.it/bisogni/cyber-security/