Critical Infrastructure Security, Vulnerability Management

Significant automatic tank gauge flaws most severely impact US critical infrastructure

Reducing code flaws

U.S. hospitals, airports, gas stations, and other critical infrastructure organizations were disclosed by BitSight TRACE researchers to have the greatest risk of being compromised in attacks involving 10 critical automatic tank gauge system vulnerabilities across five vendors, CyberScoop reports.

Tank management systems could have their management systems completely compromised through the exploitation of such flaws, which include a maximum severity issue in the ProGauge MagLink tank console, according to BitSight TRACE Principal Security Scientist Pedro Umbelino. "You can do pretty much whatever you can do, as almost if you are at the console clicking the buttons and changing all the settings. So you're the owner," noted Umbelino, who added that only a few of the vulnerable ATGs were taken down between June and September. While vulnerabilities impacting ProGauge, Franklin, and OPW ATGs have already been remediated, Omntec and Alisonic have yet to respond to the Cybersecurity and Infrastructure Security Agency's call to act on the issues impacting their respective products.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds