CVE-2013-2824
Last modified
CVE-2013-2824 is a vulnerability of currently unknown severity. Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and PowerLogic SCADA 7.20 through 7.20SR1 do not properly handle exceptions, which allows remote attackers to cause a denial of service via a crafted packet.. EPSS estimates a 1.79% chance of exploitation in the next 30 days.
Description
Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and PowerLogic SCADA 7.20 through 7.20SR1 do not properly handle exceptions, which allows remote attackers to cause a denial of service via a crafted packet.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Schneider-Electric | Citectscada | 7.20 |
| Schneider-Electric | Citectscada | 7.30 |
| Schneider-Electric | Powerlogic Scada | 7.20 |
| Schneider-Electric | Struxureware Powerscada Expert | 7.30 |
| Schneider-Electric | Struxureware Scada Expert Vijeo Citect | 7.20 |
| Schneider-Electric | Struxureware Scada Expert Vijeo Citect | 7.30 |
| Schneider-Electric | Struxureware Scada Expert Vijeo Citect | 7.40 |
References
- http://ics-cert.us-cert.gov/advisories/ICSA-13-350-01Patch, US Government Resource
- http://www.citect.schneider-electric.com/security-DoSPatch, Vendor Advisory
- http://ics-cert.us-cert.gov/advisories/ICSA-13-350-01Patch, US Government Resource
- http://www.citect.schneider-electric.com/security-DoSPatch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2013-2824?
How severe is CVE-2013-2824?
How do I fix CVE-2013-2824?
Are you affected by CVE-2013-2824?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST