Schneider Electric SCADA多个产品异常处理拒绝服务漏洞

2014-02-28T00:00:00
ID SSV:61602
Type seebug
Reporter Root
Modified 2014-02-28T00:00:00

Description

CVE ID:CVE-2013-2824

施耐德电气为100多个国家的能源及基础设施、工业、数据中心及网络、楼宇和住宅市场提供整体解决方案。其中多个产品使用的SESU工具用于更新windows PC系统上的软件。

Schneider Electric多个产品服务器存在拒绝服务攻击,允许远程攻击者利用漏洞发送特制的报文,可使进程停止响应,造成拒绝服务攻击。 0 Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40 Schneider Electric Vijeo Citect 7.20 - 7.30SP1 Schneider Electric CitectSCADA 7.20 - 7.30SP1 Schneider Electric StruxureWare PowerSCADA Expert 7.30 - 7.30SR1 Schneider Electric PowerLogic SCADA 7.20 - 7.20SR1 用户可参考如下厂商提供的安全补丁以修复该漏洞: HF740RTM60777.1 for SCADA Expert Vijeo Citect v7.40 http://www.citect.schneider-electric.com/se-vjc-HF740RTM607771 HF730SP160775.1 for Vijeo Citect v7.30 SP1 http://www.citect.schneider-electric.com/vc-HF730SP1607751 HF720SP460769.1 for Vijeo Citect v7.20 SP4 http://www.citect.schneider-electric.com/vc-HF720SP4607691 HF740RTM60777.1 for CitectSCADA v7.40 http://www.citect.schneider-electric.com/cs-HF740RTM607771 HF730SP160775.1 for CitectSCADA v7.30 SP1 http://www.citect.schneider-electric.com/cs-HF730SP1607751 HF720SP460769.1 for CitectSCADA v7.20 SP4 http://www.citect.schneider-electric.com/cs-HF720SP4607691 HF730SP1608004 for PowerSCADA Expert v7.30 SR1 http://www.citect.schneider-electric.com/pse-HF730SP160804 HF720SP460803 for PowerLogic SCADA v7.20 SR1 http://www.citect.schneider-electric.com/pls-HF720SP460803