Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Schneider Electric fixes remotely exploitable flaw in 22 different products

Schneider Electric fixes remotely exploitable flaw in 22 different products

2014/10/01

Threatpost - (International) The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) issued an advisory to operators of 22 different Schneider Electric industrial control systems products after a researcher identified a remotely exploitable directory traversal vulnerability that could allow attackers to bypass Web server authentication and gain administrator access and control over devices. Schneider Electric released a firmware update to close the vulnerability in the products deployed in the manufacturing, energy, water, communications, and other sectors.

Source: http://threatpost.com/schneider-electric-fixes-remotely-exploitable-flaw-in-22-different-products

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:21:55