Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-2824

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2013-2824
Last Modified 26 Feb 2014 11:58:51
Published 26 Feb 2014 09:55:08
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2013-2824

Summary

Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and PowerLogic SCADA 7.20 through 7.20SR1 do not properly handle exceptions, which allows remote attackers to cause a denial of service via a crafted packet.

Vulnerable Systems

Application

  • Schneider-electric Citectscada 7.20

  • Schneider-electric Citectscada 7.30

  • Schneider-electric Powerlogic Scada 7.20

  • Schneider-electric Struxureware Powerscada Expert 7.30

  • Schneider-electric Struxureware Scada Expert Vijeo Citect 7.20

  • Schneider-electric Struxureware Scada Expert Vijeo Citect 7.30

  • Schneider-electric Struxureware Scada Expert Vijeo Citect 7.40


References

MISC - http://ics-cert.us-cert.gov/advisories/ICSA-13-350-01

CONFIRM - http://www.citect.schneider-electric.com/security-DoS


Last Updated: 27 May 2016 10:55:15