Vulnerabilities > CVE-2013-2824 - Unspecified vulnerability in Schneider-Electric products

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

schneider-electric

NVD

Published: 2014-02-26

Updated: 2014-02-26

Summary

Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and PowerLogic SCADA 7.20 through 7.20SR1 do not properly handle exceptions, which allows remote attackers to cause a denial of service via a crafted packet.

Vulnerable Configurations

Part	Description	Count
Application	Schneider-Electric Schneider Electric Citectscada 7.20 Schneider Electric Citectscada 7.30 Schneider Electric Powerlogic Scada 7.20 Schneider Electric Struxureware Powerscada Expert 7.30 Schneider Electric Struxureware Scada Expert Vijeo Citect 7.20 Schneider Electric Struxureware Scada Expert Vijeo Citect 7.30 Schneider Electric Struxureware Scada Expert Vijeo Citect 7.40	19

Seebug

bulletinFamily	exploit
description	CVE ID:CVE-2013-2824 施耐德电气为100多个国家的能源及基础设施、工业、数据中心及网络、楼宇和住宅市场提供整体解决方案。其中多个产品使用的SESU工具用于更新windows PC系统上的软件。 Schneider Electric多个产品服务器存在拒绝服务攻击，允许远程攻击者利用漏洞发送特制的报文，可使进程停止响应，造成拒绝服务攻击。 0 Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40 Schneider Electric Vijeo Citect 7.20 - 7.30SP1 Schneider Electric CitectSCADA 7.20 - 7.30SP1 Schneider Electric StruxureWare PowerSCADA Expert 7.30 - 7.30SR1 Schneider Electric PowerLogic SCADA 7.20 - 7.20SR1 用户可参考如下厂商提供的安全补丁以修复该漏洞： HF740RTM60777.1 for SCADA Expert Vijeo Citect v7.40 http://www.citect.schneider-electric.com/se-vjc-HF740RTM607771 HF730SP160775.1 for Vijeo Citect v7.30 SP1 http://www.citect.schneider-electric.com/vc-HF730SP1607751 HF720SP460769.1 for Vijeo Citect v7.20 SP4 http://www.citect.schneider-electric.com/vc-HF720SP4607691 HF740RTM60777.1 for CitectSCADA v7.40 http://www.citect.schneider-electric.com/cs-HF740RTM607771 HF730SP160775.1 for CitectSCADA v7.30 SP1 http://www.citect.schneider-electric.com/cs-HF730SP1607751 HF720SP460769.1 for CitectSCADA v7.20 SP4 http://www.citect.schneider-electric.com/cs-HF720SP4607691 HF730SP1608004 for PowerSCADA Expert v7.30 SR1 http://www.citect.schneider-electric.com/pse-HF730SP160804 HF720SP460803 for PowerLogic SCADA v7.20 SR1 http://www.citect.schneider-electric.com/pls-HF720SP460803
id	SSV:61602
last seen	2017-11-19
modified	2014-02-28
published	2014-02-28
reporter	Root
title	Schneider Electric SCADA多个产品异常处理拒绝服务漏洞

Summary

Vulnerable Configurations

Seebug

References