ICONICS is committed to providing high-quality, secure products to its customers. To that end, ICONICS recommends that users of GENESIS32, BizViz, GENESIS64, or other ICONICS products take the following steps to mitigate security risks:
- Use a firewall. Place control system networks and devices behind firewalls and isolate them from the business network.
- Restrict access to all TCP ports, such as port 38080 and 6002. If remote access is required, utilize secure methods such as Virtual Private Networks (VPNs).
- Minimize network exposure for all control system devices. Control system devices should not directly face the Internet.
- If you are not running the latest version of ICONICS software, install the appropriate patch files below.
WHITEPAPER ON SECURITY VULNERABILITIES
A whitepaper is available for download that contains an overview, details and mitigation plan regarding buffer overflow and memory corruption vulnerabilities for ICONICS GENESIS32 and GENESIS64 Supervisory Control and Data Acquisition (SCADA) products.
Download the whitepaper here for more information.
To mitigate security risks, the following patches should be applied to systems of these versions. Versions later than these already contain these changes, and do not need to be patched. (For example, GENESIS32 version 9.5 already contains all applicable patches for 9.2, 9.1, and 8.0.)
v10.5 Security Patches
v9.2 Security Patches
v9.1 Security Patches
v8.0 Security Patches
There are no active US-CERT vulnerabilities for currently-released ICONICS products at this time. Any known US-CERT vulnerabilities have already been addressed in the current version of ICONICS products, or with the patches above.