Another opportunity for vendors to act responsibly

Luigi Auriemma recently disclosed a number of SCADA vulnerabilities and potential exploits. I have received several calls from news organizations asking me for my thoughts. I have two questions for the vendors:
1. What impact can these vulnerabilities cause?
2. What have you told your customers about these vulnerabilities?

As ICS vulnerabilities continue to be found I believe credible industry sites such as can perform a service to vendors and customers by making credible information available. I would be happy to post whatever a vendor would be willing to share.
Joe Weiss