Schneider Electric ClearSCADA 2010 R2 < 2013 R2 Remote DoS

Medium Nessus Network Monitor Plugin ID 6445


A vulnerable version of Schneider Electric ClearSCADA has been detected.


ClearSCADA versions between 2010 R2 and 2013 R1.2 inclusive are affected by a remote denial of service vulnerability due to a flaw in the DNP3 driver, specifically DNP3Driver.exe. An attacker could exploit this vulnerability by sending specially crafted IP packets to crash the DNP3 driver resulting in a denial of service.

Newer versions of ClearSCADA (i.e., 6.73.4729 and later) are referred to as "SCADA Expert ClearSCADA."


Upgrade to ClearSCADA 2013 R2 or later.

See Also

Plugin Details

Severity: Medium

ID: 6445

File Name: 6445.prm

Family: SCADA

Published: 2014/04/25

Modified: 2016/10/18

Dependencies: 6313

Nessus ID: 72201

Risk Information

Risk Factor: Medium


Base Score: 4.3

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:ND


Base Score: 3.6

Temporal Score: 3.4


Temporal Vector: CVSS3#E:X/RL:O/RC:X

Vulnerability Information

CPE: cpe:/a:schneider-electric:clearscada

Patch Publication Date: 2013/12/05

Vulnerability Publication Date: 2013/12/05

Reference Information

CVE: CVE-2013-6142

BID: 64813

OSVDB: 101992