Allen Bradley – The design flaw of the programmable logic controller – system vulnerability

Traditional layer 2 communication system (without TCP/IP), proprietary OS system and without internet technology similar as a antibody protect the important facilities especially electricity power supply, water supply and natural gas facilities. But the element of civilization like a non stop vehicles moving forward. Whereby the man kind went through industrial revolution till today digital technology revolution. Our daily lifes support by electricity, water and natural gas. In order to maintain the stability and quality of those resources of supply. A analogue to digital (electronics) conversion was done, Thereby those facilities are under governance and control by PLC and SCADA today. However a design limitation was found since the components embedded Microsoft operation system and Linux opensource. So we heard power facilities encountered cyber attacks. This time the design flaw found in Allen Bradly PLC product. Regarding to the CVE reference number, we found that the vulnerabilities reported last year and believed that vulnerabilities has been fix. But a reminder to all of us is that vulnerabilities not limit to your office automation system and smartphone.The vulnerabilities are go with us daily.

Below url provides an overview of cyber attack on nuclear power facilities for reference.

Potential black force – digitize Godzilla

CVE-2017-12093

https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0445

CVE Number

CVE-2017-14462, CVE-2017-14463, CVE-2017-14464, CVE-2017-14465, CVE-2017-14466, CVE-2017-14467, CVE-2017-14468, CVE-2017-14469, CVE-2017-14470, CVE-2017-14471, CVE-2017-14472, CVE-2017-14473

https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0443

Leave a Reply

Your email address will not be published. Required fields are marked *