ICS Security: Vulnerability Collection
- Deep Lateral Movement in OT Networks: When Is a Perimeter Not a Perimeter?
- Hacking ICS Historians: The Pivot Point from IT to OT
- Team82 Releases Homegrown OPC UA Network Fuzzer Based on boofuzz
- Critical Architectural Vulnerabilities in Siemens SIMATIC S7-1500 Series Allow for Bypass of All Protected Boot Features
- The Race to Native Code Execution in PLCs: Using RCE to Uncover Siemens SIMATIC S7-1200/1500 Hardcoded Cryptographic Keys
- Bypassing NAT to Attack Dataprobe iBoot-PDUs
- Top-Down and Bottom-Up: Exploiting Vulnerabilities In the OT Cloud Era
- ModiPwn - can allow attackers to bypass authentication mechanisms which can lead to native remote-code-execution on vulnerable PLCs
- Vulnerabilities in Schneider Electric SoMachine and M221 PLC (CVE-2017-6034 and CVE-2020-7489)
- Rogue7: Rogue Engineering-Station attacks on S7 Simatic PLCs (Analysis and Reproduction)
- Investigating CAN Bus Network Integrity in Avionics Systems
- URGENT/11: 11 Zero Day Vulnerabilities Impacting VxWorks
- URGENT/11: Technical White Paper
Router
- Multiple Vulnerabilities in WAGO Industrial Switches: CVE-2019-12550 and CVE-2019-12549
- Four Faith Industrial routers Command Injection RCE Reverse Shell
SCADA
- Critical Schneider Electric InduSoft Web Studio and InTouch Machine Edition Vulnerability (CVE-2018-8840)
- mySCADA-myPRO-7-Hardcoded-FTP-Username-and-Password