PT-2017-19314 · Schneider Electric · Clearscada

Published

2017-09-25

Updated

2018-12-31

CVE-2017-9962

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Schneider Electric's ClearSCADA versions prior to August 2017

Description The issue concerns a memory allocation vulnerability. Malformed requests can be sent to ClearSCADA client applications, causing unexpected behavior. The client applications affected include ViewX and the Server Icon.

Recommendations For versions prior to August 2017, update to a version released after August 2017 to resolve the issue.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2017-9962

Affected Products

Clearscada

PT-2017-19314 · Schneider Electric · Clearscada

CVE-2017-9962

Weakness Enumeration

Related Identifiers

Affected Products

References · 3