On Tuesday Outpost24 released information on CVE-2014-2717 – Honeywell Authentication Bypass. Later, the same day we were contacted by Mr. Bolivar, the second vulnerability researcher mentioned in the initial ICS CERT advisory, who invited us to include information with his full disclosure. It has been confirmed that all attacks presented in this disclosure including the modified versions of the original advisory have been already solved by Honeywell.
more here..........http://www.outpost24.com/update-to-advisory-on-honeywell-scada/
more here..........http://www.outpost24.com/update-to-advisory-on-honeywell-scada/