Schneider Electric SCADA多个产品异常处理拒绝服务漏洞

CVE ID:CVE-2013-2824

施耐德电气为100多个国家的能源及基础设施、工业、数据中心及网络、楼宇和住宅市场提供整体解决方案。其中多个产品使用的SESU工具用于更新windows PC系统上的软件。

Schneider Electric多个产品服务器存在拒绝服务攻击，允许远程攻击者利用漏洞发送特制的报文，可使进程停止响应，造成拒绝服务攻击。
0
Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40
Schneider Electric Vijeo Citect 7.20 - 7.30SP1
Schneider Electric CitectSCADA 7.20 - 7.30SP1
Schneider Electric StruxureWare PowerSCADA Expert 7.30 - 7.30SR1
Schneider Electric PowerLogic SCADA 7.20 - 7.20SR1
用户可参考如下厂商提供的安全补丁以修复该漏洞：
HF740RTM60777.1 for SCADA Expert Vijeo Citect v7.40
http://www.citect.schneider-electric.com/se-vjc-HF740RTM607771
HF730SP160775.1 for Vijeo Citect v7.30 SP1
http://www.citect.schneider-electric.com/vc-HF730SP1607751
HF720SP460769.1 for Vijeo Citect v7.20 SP4
http://www.citect.schneider-electric.com/vc-HF720SP4607691
HF740RTM60777.1 for CitectSCADA v7.40
http://www.citect.schneider-electric.com/cs-HF740RTM607771
HF730SP160775.1 for CitectSCADA v7.30 SP1
http://www.citect.schneider-electric.com/cs-HF730SP1607751
HF720SP460769.1 for CitectSCADA v7.20 SP4
http://www.citect.schneider-electric.com/cs-HF720SP4607691
HF730SP1608004 for PowerSCADA Expert v7.30 SR1
http://www.citect.schneider-electric.com/pse-HF730SP160804
HF720SP460803 for PowerLogic SCADA v7.20 SR1
http://www.citect.schneider-electric.com/pls-HF720SP460803