PT-2014-2010 · Schneider Electric · Citectscada+4
Published
2014-02-26
·
Updated
2014-02-26
·
CVE-2013-2824
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Schneider Electric StruxureWare SCADA Expert Vijeo Citect versions 7.40
Schneider Electric Vijeo Citect versions 7.20 through 7.30SP1
Schneider Electric CitectSCADA versions 7.20 through 7.30SP1
Schneider Electric StruxureWare PowerSCADA Expert versions 7.30 through 7.30SR1
Schneider Electric PowerLogic SCADA versions 7.20 through 7.20SR1
Description
The issue is related to incorrect exception handling, which can be exploited by a remote attacker to cause a denial of service using a specially crafted network packet.
Recommendations
For Schneider Electric StruxureWare SCADA Expert Vijeo Citect version 7.40, update to a version that properly handles exceptions.
For Schneider Electric Vijeo Citect versions 7.20 through 7.30SP1, update to a version that properly handles exceptions.
For Schneider Electric CitectSCADA versions 7.20 through 7.30SP1, update to a version that properly handles exceptions.
For Schneider Electric StruxureWare PowerSCADA Expert versions 7.30 through 7.30SR1, update to a version that properly handles exceptions.
For Schneider Electric PowerLogic SCADA versions 7.20 through 7.20SR1, update to a version that properly handles exceptions.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Citectscada
Powerlogic Scada
Struxureware Powerscada Expert
Struxureware Scada Expert Vijeo Citect
Vijeo Citect