PT-2023-1019 · Schneider Electric · Ecostruxure Geo Scada Expert+1
Published
2023-01-10
·
Updated
2023-06-14
·
CVE-2023-22610
CVSS v2.0
9.4
Critical
| Vector | AV:N/AC:L/Au:N/C:N/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
EcoStruxure Geo SCADA Expert versions 2019 through 2021 prior to October 2022
ClearSCADA versions prior to the fixed version
Description
A vulnerability exists that could cause Denial of Service against the Geo SCADA server when specific messages are sent to the server over the database server TCP port. This issue is related to incorrect authorization.
Recommendations
For EcoStruxure Geo SCADA Expert versions 2019 through 2021 prior to October 2022, update to a version released after October 2022 to resolve the issue.
For ClearSCADA, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Authorization
Incorrect Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Clearscada
Ecostruxure Geo Scada Expert