Luigi Auriemma recently disclosed a number of SCADA vulnerabilities and potential exploits. I have received several calls from news organizations asking me for my thoughts. I have two questions for the vendors:

1. What impact can these vulnerabilities cause?

2. What have you told your customers about these vulnerabilities?

As ICS vulnerabilities continue to be found I believe credible industry sites such as controlglobal.com/unfettered can perform a service to vendors and customers by making credible information available. I would be happy to post whatever a vendor would be willing to share.

Joe Weiss