The US Department of Homeland Security is warning of holes in Chinese infrastructure software which could leave factories and power stations vulnerable to hack attacks.
The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Advisory warns that the hole could allow hackers to launch a denial of service attack or possible execution of arbitary code.
The software is mainly used in China but claims some customers in Europe, the Americas and Asia and Africa. There have been no known exploits of the vulnerability and attackers would need an intermediate level of skill to use it.
The problem was spotted by Dillon Beresford of NSS Labs.
There's more on the holes, and links to patches, in this pdf. ®