PT-2022-16602 · Schneider Electric · Ecostruxure Geo Scada Expert 2020+3
Published
2022-02-09
·
Updated
2022-02-17
·
CVE-2022-24318
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
ClearSCADA (affected versions not specified)
EcoStruxure Geo SCADA Expert 2019 (affected versions not specified)
EcoStruxure Geo SCADA Expert 2020 (affected versions not specified)
Description
A vulnerability exists that could cause non-encrypted communication with the server when outdated versions of the ViewX client are used. This issue is related to inadequate encryption strength.
Recommendations
For ClearSCADA, update to a version that addresses the inadequate encryption strength issue.
For EcoStruxure Geo SCADA Expert 2019, update to a version that addresses the inadequate encryption strength issue.
For EcoStruxure Geo SCADA Expert 2020, update to a version that addresses the inadequate encryption strength issue.
Fix
Inadequate Encryption Strength
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Clearscada
Ecostruxure Geo Scada Expert 2019
Ecostruxure Geo Scada Expert 2020
Viewx