Company ReVuln discovered exploits zero-day vulnerabilities to SCADA-systems developed by Siemens, General Electric, Schneider Electric, ABB / Rockwell, etc. All unpatched vulnerabilities are in the server-side software and can be used remotely by hackers.
Now experts from ReVuln not provide any technical details. It should also be noted that in ReVuln not intend to disclose vulnerability information providers SCADA-systems, but instead the company will sell it to potential customers. It is reported by The Register, quoting spokesman ReVuln.
Currently vulnerabilities in the SCADA-systems are most interested government agencies. In ReVuln claim that their customers are only approved clients from reputable countries.
ReVuln representatives say that they do not cooperate with the companies and are not involved in their projects based compensation for discovered vulnerabilities.
“We do not work for free. We had a bad experience when suppliers do not even thanked us for providing them with information about the vulnerability, or underpaid us for it, “- said a spokesman ReVuln.
Recall that in early November, the company Positive Technologies has stated that 40% of all available external SCADA-systems are vulnerable and can be hacked.