CVE-2015-6485

Name of the Vulnerable Software and Affected Versions Schneider Electric Telvent Sage 2300 RTUs versions prior to C3413-500-S01 Schneider Electric LANDAC II-2 RTUs versions prior to C3414-500-S02J2 Schneider Electric Sage 1410 RTUs versions prior to C3414-500-S02J2 Schneider Electric Sage 1430 RTUs versions prior to C3414-500-S02J2 Schneider Electric Sage 1450 RTUs versions prior to C3414-500-S02J2 Schneider Electric Sage 2400 RTUs versions prior to C3414-500-S02J2 Schneider Electric Sage 3030M RTUs versions prior to C3414-500-S02J2

Description The issue allows remote attackers to obtain sensitive information from device memory by reading a padding field of an Ethernet packet.

Recommendations For Schneider Electric Telvent Sage 2300 RTUs versions prior to C3413-500-S01, update to firmware C3413-500-S01 or later. For Schneider Electric LANDAC II-2, Sage 1410, Sage 1430, Sage 1450, Sage 2400, and Sage 3030M RTUs versions prior to C3414-500-S02J2, update to firmware C3414-500-S02J2 or later.