Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Schneider Electric ClearSCADA 2010 R2 < 2013 R2 Remote DoS

Medium

Synopsis

A vulnerable version of Schneider Electric ClearSCADA has been detected.

Description

ClearSCADA versions between 2010 R2 and 2013 R1.2 inclusive are affected by a remote denial of service vulnerability due to a flaw in the DNP3 driver, specifically DNP3Driver.exe. An attacker could exploit this vulnerability by sending specially crafted IP packets to crash the DNP3 driver resulting in a denial of service.

Newer versions of ClearSCADA (i.e., 6.73.4729 and later) are referred to as "SCADA Expert ClearSCADA."

Solution

Upgrade to ClearSCADA 2013 R2 or later.