This interesting paper from Lancaster Research Center shed light on a methodology to create a vulnerability scanner for Industrial Control Systems . The authors leveraged the power of vFeed database correlation, amongst other free utilities,  to release a tool called SimaticScan to scan Siemens PLCs vulnerabilities.


Using vFeed’s in-built API calls, SimaticScan outputs any CVEs associated with the PLC’s CPE entry, allowing the user to obtain more information about a vulnerability, such as severity and risk scores.

Read full paper