Vulnerability CVE-2013-6142


Published: 2014-01-15

Description:
DNP3Driver.exe in the DNP3 driver in Schneider Electric ClearSCADA 2010 R2 through 2010 R3.1 and SCADA Expert ClearSCADA 2013 R1 through 2013 R1.2 allows remote attackers to cause a denial of service (resource consumption) via IP packets containing errors that trigger event-journal messages.

Type:

CWE-399

(Resource Management Errors)

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
2.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial
Affected software
Schneider-electric -> Clearscada 
Schneider-electric -> Scada expert clearscada 
Aveva -> Clearscada 

 References:
http://ics-cert.us-cert.gov/advisories/ICSA-14-014-01

Copyright 2024, cxsecurity.com

 

Back to Top