What a great day - another SCADA security vulnerability uncovered! I don't want to see any industrial software fail, but I know the nitch products were written in a vacuum without security in mind. HMI packages are buggy and susceptible to attack - particularly the older ones still in use! We need to get over it, confront the issue, and fix it! Hopefully vendors have the integrity to self-test and release patches on their own, but this won't solve the problem. A developer simply can't find all of his own bugs in a test environment. The more computer security research groups start looking into these "little" but significant applications the better.
This time it was Citect, Wonderware had the last one. SCADA vendors be ready - you're next! That's you: Rockwell, GE, and Inductive Automation!