PT-2014-3031 · Schneider Electric · Dnp3Driver.Exe+2

Publicado

2014-01-15

Atualizado

2018-12-31

CVE-2013-6142

CVSS v2.0

4.3

Média

Vetor

AV:N/AC:M/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Schneider Electric ClearSCADA versions 2010 R2 through 2010 R3.1 Schneider Electric SCADA Expert ClearSCADA versions 2013 R1 through 2013 R1.2

Description The issue allows remote attackers to cause a denial of service, specifically resource consumption, via IP packets containing errors. These errors trigger event-journal messages in the DNP3Driver.exe component of the affected software.

Recommendations For Schneider Electric ClearSCADA versions 2010 R2 through 2010 R3.1, update to a version outside of this range to resolve the issue. For Schneider Electric SCADA Expert ClearSCADA versions 2013 R1 through 2013 R1.2, update to a version outside of this range to resolve the issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-399

Identificadores relacionados

CVE-2013-6142

Produtos afetados

Clearscada

Dnp3Driver.Exe

Scada Expert Clearscada

PT-2014-3031 · Schneider Electric · Dnp3Driver.Exe+2

CVE-2013-6142

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 2