Schneider Electric ClearSCADA <= 2013 R2 Remote Code Execution Vulnerability

Nessus Network Monitor Plugin ID 6984 (Severity: Medium)

Synopsis

A vulnerable version of Schneider Electric ClearSCADA has been detected.

Description

ClearSCADA versions between 2010 R2 and 2013 R2 inclusive are affected by a remote code execution vulnerability related to the way the KepServer V4 component in the PLC Driver validates project file input. An attacker could cause a denial of service (application crash) or execute arbitrary code via a specially crafted project file.

Newer versions of ClearSCADA (i.e., 6.73.4729 and later) are referred to as "SCADA Expert ClearSCADA."

Solution

There is currently no fix available. The vendor advises uninstalling the PLC Driver.

See Also

http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-024-01

http://www.zerodayinitiative.com/advisories/ZDI-14-059/

Plugin Details

Severity: Medium

ID: 6984

Family: SCADA

Published: 2014/04/25

Modified: 2016/01/19

Dependencies: 6313

Nessus ID: 72703

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 6.8

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

CVSSv3

Base Score: 5.6

Temporal Score: 5.4

Vector: CVSS3#AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:X/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:schneider-electric:clearscada

Vulnerability Publication Date: 2014/01/24

Reference Information

CVE: CVE-2014-0779

BID: 65476