At S4x14 Conference in Miami, a researcher at of ReVuln disclosed a buffer overflow zero -day flaw in HMI software produced by Malaysian company Ecava. The vulnerability is a classical stack based buffer-overflow vulnerability in the companys IntegraXor Web-based HMI. Ecava has a very controversial bug bounty program in which they pay researchers with points for the licenses of the product instead of money. Despite the company has immediately fixed the zero-day, a lot of systems could still be vulnerable.”]
Source: http://securityaffairs.co/wordpress/21360/security/revuln-founds-scada-zero-day.html

