icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Schneider Electric SCADA Expert ClearSCADA 2013 R1 < 2013 R1.2 Remote Denial of Service Vulnerability

High

Synopsis

A vulnerable version of Schneider Electric SCADA Expert ClearSCADA has been detected.

Description

SCADA Expert ClearSCADA versions 2013 R1, 2013 R1.1, and 2013 R1.1a are affected by a remote denial of service vulnerability due to a flaw in the way SCADA Expert ClearSCADA handles web requests. An attacker could exploit this vulnerability by sending a specially crafted web request to SCADA Expert ClearSCADA resulting in the application crashing and causing a denial of service.

Solution

Upgrade to SCADA Expert ClearSCADA version 2013 R1.2 (6.73.4955) or later