Critical vulnerability opens electrical grids to attack

A critical buffer overflow bug has been found in yet another computerized control system that is used to run vital national infrastructure, such as electrical grids. Researchers from specialist firm C4 discovered the vulnerability in ABB Group's Process Communication Unit 400 (PCU400), a system that runs in varying configurations within its SCADA system. SCADA stands for supervisory control and data acquisition, a category of software applications typically used for long-range communications in power plants, telecommunications and transportation, among other things. In the case of this flaw, an attacker can compromise the server, which runs PCU400 to insert a generic electric grid malware that will result to harm to the grid. While a patch has already been issued by ABB, this advisory comes amid mounting concerns over the security risks posed to such infrastructure by terrorists and saboteurs.

For more on this story:
- check out this The Register article