[Ics-security] RuggedCom Will Issue Firmware Updates for Backdoor
Robert Lukens
rlukens at jlab.org
Tue May 1 16:44:59 EDT 2012
FYI from
> SANS NewsBites May 1, 2012 Vol. 14, Num. 035
--Bob
> --RuggedCom Will Issue Firmware Updates for Backdoor
> (April 30, 2012)
> Canadian company RuggedCom says it will remove an embedded backdoor
> login account from its industrial control systems. The vulnerability has
> been known for more than a year; last week, the problem was disclosed
> publicly. The flaw was discovered by Justin W. Clarke after he purchased
> two used RuggedCom devices on eBay. Clarke notified RuggedCom about the
> problem in April 2011. When RuggedCom did not address the issue, Clarke
> contacted the US Department of Homeland Security's Industrial Control
> System Cyber Emergency Response Team and CERT Coordination Center at
> Carnegie Mellon University. RuggedCom now plans to release new versions
> of its firmware to remove the account in its products, which are used
> on power grids and systems that control railways and traffic. The
> update, which will be released in the next several weeks, will disable
> telnet and remove shell services by default. The issue illustrates a
> problem in the development cycle at RuggedCom. Apparently the developer
> backdoor was included in the final release of the products. Security
> researcher Reid Wightman wrote that "nobody and no process at RuggedCom
> stopped it, and RuggedCom has no process to address security concerns
> in already-released products."
>
> http://www.wired.com/threatlevel/2012/04/ruggedcom-to-fix-vuln/