Yesterday, I posted a link to the advisory in GE Fanuc’s knowledge base. For today, here’s some more links of interest regarding these vulnerabilities:
- NERC (North American Electric Reliability Corporation) Advisory (Direct link to PDF)
- CVE-2009-0216 (No information here yet, but presumably it will be updated soon)
- US-CERT Vulnerability Note VU# 310355
- SecurityFocus : GE Fanuc iFIX Insecure Authentication Multiple Unauthorized Access Vulnerabilities
The latter two links actually credit us with discovering and reporting the vulnerability.