The disclosures prompted US-CERT's to issue advisories about the flaws.

SCADA systems are used to control critical equipment at power companies, manufacturing facilities, water treatment plants and elsewhere. analysts fear that attacks against such systems could cripple critical infrastructure services such as electricity and public water supplies.

The Stuxnet worm, which to disrupt operations at an Iranian nuclear plant is often cited as an example of the kind of damage that can be wreaked via vulnerable SCADA systems.

The latest vulnerabilities mostly exist in free or low-cost Windows-based engineering workstations that are used as interfaces to backend control systems, according to an analysis by , a consulting firm specializing in control system security.

One of the vulnerable products -- Rockwell's RSLogix system -- was described by Digital Bond as a workstation used to configure industrial control systems that are deployed widely in critical infrastructure. Most of the others are smaller, add-on and data transfer products that are "used in either very small systems or as an addition/accessory to a larger system," Digital Bond said.