LISTSERV - NOTICE_OPERATIONS Archives

NOTICE_OPERATIONS Archives

Notice_Operations

NOTICE_OPERATIONS@LISTS.ERCOT.COM

	LISTSERV Archives
	NOTICE_OPERATIONS Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show HTML Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	NERC CIP Advisory: GE Fanuc iFIX Vulnerability
From:	ERCOT Client Relations <[log in to unmask]>
Date:	Wed, 11 Feb 2009 15:43:40 -0600
Content-Type:	multipart/mixed
Parts/Attachments:	text/plain (1100 bytes) , text/html (6 kB) , A-2009-02-10-01.pdf (83 kB)

TO:     ERCOT Market Participants
RE:     NERC CIP Advisory: GE Fanuc iFIX Vulnerability
Date:  February 11, 2009

ERCOT sends this notice to ensure a maximum number of ERCOT Market Participants are notified of the attached NERC CIP advisory, recognizing that not all ERCOT Market Participants are required to be registered with NERC.

About the advisory
Advisory pertains to users of GE Fanuc iFIX application.  Vulnerability has been publicly released.  An unauthenticated attacker on same network may be able to gain admin privileges to the GE Fanuc iFIX process.

A detailed Knowledge Base article on the vulnerability and its mitigation is available on the GE Fanuc Support site at:
http://support.gefanuc.com/support/index?page=kbchannel&id=KB13253

NERC's publicly distributed advisory can be found at:  http://www.nerc.com/fileUploads/File/Events%20Analysis/A-2009-02-10-01.pdf

To report incidents related to this alert
To report related incidents contact NERC's ES-IASC 12-hour hotline, 609 452-1422, [log in to unmask]<mailto:[log in to unmask]>.  It is not necessary to report incidents to ERCOT.




sg

ATOM RSS1 RSS2

lists.ercot.com