CISA recently published an advisory about seven vulnerabilities in Rapid SCADA—an open-source industrial automation platform that provides tools for the quick creation of monitoring and control systems. According to CISA, these vulnerabilities may allow threat actors to remotely execute arbitrary code on systems running Rapid SCADA, which could result in the loss of control or data.
CISA flagged the energy and transportation sectors as being at risk in its advisory. Attacks exploiting these vulnerabilities may even come directly from the public internet because, according to independent researchers, at least some Rapid SCADA systems have internet-facing IP addresses.
CISA recommends the following mitigations for potentially affected organizations:
- Ensure control system devices are not accessible from the internet
- Isolate control system networks from business networks
- Use Virtual Private Networks (VPNs)
Authored by Nathan Salminen and Rachel Dalton.