I'm no expert in these thingies, but while the multiple hardcoded account/password thing is at best mind boggling, i really don't get it why it's critical.
One would assume that while the devices are connected over a network, that network would be internal and isolated from "bad real world" as much as possible.
Thus, to gain access to a means to exploit these vulnerabilities, you'd have to go INSIDE the place. And if that happened, you already failed. The time it takes to tap the network, scan for devices, take control, and reprogram them is probably as much as it takes to blow the place sky high using conventional means.
Begs the question then, how many facilities went around and made the supposedly isolated (and operation critical) network a part of the general network to "make it easier". Or are they just worried because they now have to go about checking device integrity because it's not something noticeable as opposed to a explosive charge?
My 0.0002c on the former because being lazy and thinking about security after the failure is the norm not the exception.