E-SPIN
Saturday, 29 February 2020 / Published in Brand, Immunity, Product

SCADA+ Exploitation Pack for CANVAS

Because this product is updated continuously, we have prepared this post for those interested in knowing what is included. The latest update is shown at the top, with older updates below. This post will be kept up to date and its post date will follow the latest update, so everything can be read in one post rather than across multiple posts. This post is about the CANVAS Exploitation Pack (CEP) SCADA+, which needs to be used with the CANVAS Exploitation Testing Framework. The SCADA+ Exploitation Pack for CANVAS is a must for those who conduct exploitation testing and security assessments on SCADA/ICS. Feel free to contact E-SPIN for product and related matters.


SCADA+ Exploitation Pack for CANVAS Product Overview

One of the current trends in exploitation is targeting SCADA systems (Stuxnet). The SCADA+ pack speaks to this new trend by providing its customers with exploits for both public vulnerabilities and 0day vulnerabilities in SCADA systems. If you serve an industry that does any type of automation, the SCADA+ pack should be on your radar for running the most realistic attack scenarios and penetration tests for your customers. Attackers are very interested in your clients' SCADA systems, so you have to be too. This is an attempt to collect ALL publicly available SCADA vulnerabilities in one exploit pack. SCADA and related vulnerabilities are very special due to their sensitive nature and the potentially huge impact of successful exploitation. SCADA systems are also "hard to patch", so even old vulnerabilities remain relevant.

The SCADA+ Pack features:

    • Growing value: ~350 exploits currently. Because real systems have a low patch rate, exploits stay relevant for a longer time.
    • We try to cover most of the public SCADA vulns, including old and newly discovered bugs.
    • 0 Days for SCADA: we conduct our own in-depth research.
    • Focused on industrial software and hardware environments: not only SCADA, but also industrial PCs, smart chips and industrial protocols are reviewed.
    • Weak point analyses: many industrial products suffer from weaknesses such as hardcoded passwords.


2020-Feb-29 1.99 SCADA Pack:

  • ThingsBoard 2.4.1 Remote Code Execution. [1Day]
  • Mitsubishi Electric smartRTU INEA ME-RTU Unauthenticated Configuration Download. CVE-2019-14927
  •  InTouch Edge HMI v8.1 MobileAccessTask DoS. [1Day]

2020-Jan-28 1.98 SCADA Pack:

  • MajorDoMo 1.2.0b Information Disclosure, SQLis… two [1Days]
  • ScadaLTS 1.1 Arbitrary File Upload/Remote Code Execution [1Day]

2019-Dec-31 1.97 SCADA pack:

  • Omron PLC 1.0.0 – Denial of Service. public
  •  MajorDoMo 1.2.0b – three nice exploits including RCE. [1Day]s

2019-Dec-5 1.96 SCADA pack:

  • Siemens SICAM A8000 Series Unauthenticated Remote Denial of Service. CVE-2018-13798
  • NetHome 3.0-6ae52 Arbitrary File Upload. [1Day]
  • LabCollector 5.423 – SQL Injection. public

2019-Nov-1 1.95 SCADA Pack:

  • RapidSCADA 5.7.0 ScadaServer – Directory Traversal. [1Day]
  • VxWorks TCP Urgent pointer = 0 integer underflow vulnerability. CVE-2019-12255
  • BACnet Stack 0.8.6 Denial of Service vulnerability. CVE-2019-12480

2019-Sep-29 1.94 SCADA Pack:

  •  FANUC Robotics Virtual Robot Controller. CVE-2019-13584
  • IntegraXor 8 Stable SCADA Remote Denial of Service [1Day]
  • XISOM X-Scada Directory Traversal [1Day]
  • FESTO Designer Studio DirTrav [1Day]

2019-Sep-1 1.93 SCADA pack:

  • ScadaLTS 1.1 XSS. [1Day]
  • ScadaLTS 1.1 Arbitrary File Upload/Remote Code Execution [1Day]
  • Loytec LGATE-902 Path traversal. CVE-2018-14918
  • AGG Software Web Server Plugin Directory Traversal. [1Day]

2019-Aug-10 1.92 SCADA Pack:

– ag_WellinTech_KingSCADA_stack_overflow – WellinTech KingSCADA stack-based buffer overflow Denial of Service. public
– ag_Newport_Electronics_iDRN_iDRX_Signal_Conditioners – Newport Electronics iDRN-iDRX Signal Conditioners ActiveX Control Remote File Overwrite Vulnerability.  [1Day]
– ag_lsis_XPServiceController_dos  – LSIS XP-Server XPServiceController Denial Of Service.  [1Day]
– ag_Cogent_DataHub_8x_DoS – Cogent Datahub 8.0.x Denial of Service.  [1Day]

2019-Jul-23 1.91 ver. of SCADA+ contains 4 modules. List:

– AGG Software OPC HTTP Gateway Premium Directory Traversal [1Day]
– AGG Software OPC Scada Viewer Directory Traversal [1Day]
– Inductive Automation Ignition 7.6.4 XXE [1Day]
– Inductive Automation Ignition 7.5.4 XML External Entity [1Day]

2019-Jun-3 1.90 ver. of SCADA+ contains 3 modules. List:

– SpiderControl 6.50.00 SCADA Editor Directory Traversal Vulnerability [1Day]
– ScadaLTS 1.1 SQL Injection [1Day]
– Prosoft RadioLinx ControlScape FH ActiveX Remote Code Execution Vulnerability [1Day]

2019-May-21 1.89 ver. of SCADA+ contains 4 modules. List:

– WAGO PFC200 PLC series Denial Of Service. [CVE-2018-8836]
–  file upload and exec for Advantech webaccess [1Day]
– attacker can retrieve and delete arbitrary files from target [1Day]
– ICPDAS eLogger Arbitrary File Upload [1Day]

2019-Apr-2 1.88 SCADA+ :
– Inductive Automation Ignition 7.5.4 Blind SQL Injection. [1Day]
– LeCroy LabWindows/CVI, LabVIEW, and other products ActiveX RCE. [1Day]
– Newport Electronics iDRX ActiveX unsafe method [1Day]
– Delta Industrial Automation COMMGR RCE. CVE-2018-10594
and more

2019-Feb-28 1.87 SCADA+ :
– Tibbo AggreGate SCADA DoS [1Day]
– Advantech WebAccess blind SQL injection + arbitrary files read from target [1Day]
– QuickHMI Server v3 Antelope Denial of Service [1Day]
– Reliance 4 Control Server Denial of Service [1Day]

2019-Jan-28 1.86 SCADA+ 4 public vulns covered:
– Century Star SCADA httpsvr infoleak
– Schneider Electric InduSoft Web Studio and InTouch Machine Edition – DoS
– Siemens SCALANCE S613 – Remote DoS.
– Siemens SIMATIC S7-1500 CPU – Remote DoS

2018-Dec-26 1.85 ver. of SCADA+ contains 4 modules. List:
– IGSS Arbitrary File Disclosure. [1Day]
– Advantech webaccess exec –  remote users can upload and execute malicious .aspx file. [1Day]
– CyBroHttpServer Directory Traversal. [1Day]
– DataRate v4.1 fake project file allows for Code Execution. [1Day]

2018-Dec-12 1.84 ver. of SCADA+ contains 5 modules. List:
– ESA-Automation Crew Webserver Directory Traversal [1Day]
– Loytec LWEB-900 Directory Traversal [1Day]
– Visu RCE [1Day]
– WinTr v.5.52 trojan project generation. Code Execution [1Day]
– WinTr Scada Hardcoded Credentials + Directory Traversal. [1Day]


2018-Oct-26

1.83 ver. of Scada+ contains 5 modules. List:
– VBASE VOKSERVER Info Disclosure. [1Day]
– Do-more Designer Programming Software Emulator Denial of Service. [1Day]
– GP-Pro EX HMI WinGP Runtime Arbitrary File Disclosure. [1Day]
– GP-Pro EX HMI WinGP Runtime Arbitrary File Upload. [1Day]
– KOYO C-more Programming Software Emulator Denial of Service. [1Day]

2018-Sep-26

1.82 ver. of Scada+ contains 8 modules. List:
– Delta Industrial Automation Robot DRAStudio Arbitrary File Disclosure. [1Day]
– Delta Industrial Automation Robot DRAStudio Arbitrary File Upload. [1Day]
– Infrasightlabs vScopeServer Privilege Escalation. [1Day]
– Piltz PASvisu Arbitrary File Upload. [1Day]
– Productivity Suite Programming Software v3.0.1.1 – Code Execution. [1Day]
– Reliance4 SCADA Control Server Denial of Service. [1Day]
– Simple-Scada 2 Directory Traversal and file Delete. [1Day]
– WebPort BSQLi Privilege Escalation. [1Day]

2018-Aug-29 v1.81 1.81 Scada+ 8 exploits:

– LSIS wXP RCE, DoSes.- three [1Day] exploits
– Cogent Datahub 7.3.x DoS [1Day]
– Cogent DataHub Log Poisoning RCE. [1Day]
– CX-Supervisor v.3.41 – Code Exec [1Day]
– IntegraXor Remote Project Management. [1Day]
– logi.cals logi.RTS infoleak. [1Day]


2018-Jul-30 v1.80 1.80 SCADA+ contains 8 [1Day]s ! :

– S3 Scada Remote Runtime Stop
– Advantech WebAccess(8.3) – 3 exploits (infoleaks + file upload)!
– IntegraXor SCADA – 2 exploits! (Infoleak + filedamage)
– MyScada MyPRO RCE [1Day]
– Remote Osciloscope DoS [1Day]


2018-Jun-25 v1.79 1.79 Scada+:

– Atvise Arbitrary File Disclosure [1Day]
– Atvise Privilege Escalation [1Day]
– Atvise Remote Project Management [1Day]
– Cogent Datahub Blind SQLi [1Day]
– Piltz PASvisu DoS [1Day]
– WinPLC7 Webserver Arbitrary File Disclosure [1Day]


2018-May-28 v1.78 1.78 Scada+ contains 2 modules which were added previously to ZDA (marked 1Day ) and more:

– S3 Scada QNX Remote Command Execution [1-Day]
– Moxa MX-AOPC UA Server File Corrupt or DoS [1-Day]
– Siemens Sicam PAS < 8.0 Hardcode RCE [CVE-2016-8567]


2018-Apr-25  v1.77 1.77 Scada+ List:

– Dream Report RCE [0-Day]
– Loytec L-Studio RCE [0-Day]
– WebPort info leakage [0-Day]
– SearchBlox v8.3 Unauthenticated Config Altering [0-Day]
– UltiDev Cassini Web Server for ASP.NET 2.0 info leakage [0-Day]


2018-Mar-27 v1.76 1.76 Scada+ :

– Advantech WebAccess(8.3) Dashboard Viewer Info Disclosure [0-Day]
– Mango Automation File Upload RCE [0-Day]
– Citect Nexa Monitoring 6.10 – Code Exec [0-Day]
– Industrial Energy Management System DIAEnergie Information Disclosure


2018-Feb-28 v1.75 v1.75 Scada+:

– UCanCode ActiveX [0-Day]
– LAquis SCADA infoleak [0-Day]
– Ecava IntegraXor Code Exec
– Automated Logic WebCTRL 6.1. CVE-2017-9650


2018-Jan-27 v1.74 1.74 Scada+ four! [0-Day]`s. :

– Reliance 4 SCADA Code Execution Vulnerability 0-Day
– AutomationDirect Point Of View Remote Code Execution Vulnerability 0-Day
– KingView SCADA 7.5 Directory Traversal 0-Day
– Eaton ELCSoft ELCSimulator Stack-based Buffer Overflow 0-Day


 

Tagged under: CANVAS Exploitation Pack (CEP), Exploitation Testing, Immunity, Immunity CANVAS, Pentesting, SCADA, Supervisory control and data acquisition (SCADA)
