Vulnerability Description
Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and PowerLogic SCADA 7.20 through 7.20SR1 do not properly handle exceptions, which allows remote attackers to cause a denial of service via a crafted packet.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Schneider-Electric | Citectscada | 7.20 |
| Schneider-Electric | Powerlogic Scada | 7.20 |
| Schneider-Electric | Struxureware Powerscada Expert | 7.30 |
| Schneider-Electric | Struxureware Scada Expert Vijeo Citect | 7.20 |
References
- http://ics-cert.us-cert.gov/advisories/ICSA-13-350-01PatchUS Government Resource
- http://www.citect.schneider-electric.com/security-DoSPatchVendor Advisory
- http://ics-cert.us-cert.gov/advisories/ICSA-13-350-01PatchUS Government Resource
- http://www.citect.schneider-electric.com/security-DoSPatchVendor Advisory
FAQ
What is CVE-2013-2824?
CVE-2013-2824 is a vulnerability with a CVSS score of 7.8 (HIGH). Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and PowerLogic...
How severe is CVE-2013-2824?
CVE-2013-2824 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-2824?
Check the references section above for vendor advisories and patch information. Affected products include: Schneider-Electric Citectscada, Schneider-Electric Powerlogic Scada, Schneider-Electric Struxureware Powerscada Expert, Schneider-Electric Struxureware Scada Expert Vijeo Citect.