Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Schneider Electric SCADA Expert ClearSCADA 2013 R1 < 2013 R1.2 Remote Denial of Service Vulnerability

High

Synopsis

A vulnerable version of Schneider Electric SCADA Expert ClearSCADA has been detected.

Description

SCADA Expert ClearSCADA versions 2013 R1, 2013 R1.1, and 2013 R1.1a are affected by a remote denial of service vulnerability due to a flaw in the way SCADA Expert ClearSCADA handles web requests. An attacker could exploit this vulnerability by sending a specially crafted web request to SCADA Expert ClearSCADA resulting in the application crashing and causing a denial of service.

Solution

Upgrade to SCADA Expert ClearSCADA version 2013 R1.2 (6.73.4955) or later