Remote Code Execution Vulnerability in Schneider Electric PLC Modules
CVE-2013-0664

Currently unrated

Key Information:

Vendor

Schneider Electric
Status
Modicon Quantum Plc
Vendor
CVE Published:
4 April 2013

What is CVE-2013-0664?

The FactoryCast service in certain Schneider Electric PLC modules is vulnerable to remote code execution due to improper handling of Modbus messages embedded within SOAP HTTP POST requests. Authenticated remote users can exploit this vulnerability, leading to arbitrary code execution. This situation underscores the importance of securing industrial control systems and ensuring all service interfaces are properly validated to prevent unauthorized access and control.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.schneider-electric.com/download/ww/en/details/...
x_refsource_CONFIRM
http://www.schneider-electric.com/download/ww/en/file/365...
x_refsource_CONFIRM
http://ics-cert.us-cert.gov/pdf/ICSA-13-077-01A.pdf
x_refsource_MISC

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.