China s Computer Emergency Response Team (CERT) admitted that it missed a September e-mail message from a researcher at NSS Labs that pointed out a critical vulnerability in a commonly used SCADA (Supervisory Control And Data Acquisition) software package. The lapse resulted in a gap of almost four months before the hole was patched. The Chinese CERT said it is revamping its procedures so that similar e-mails, received off-hours, are not missed. The organization said it will also work on developing processes to continue close contact with vendors after initial notification.
Source: https://threatpost.com/china-cert-we-missed-report-scada-hole-011311/74846/