Denial of Service Vulnerability in Schneider Electric StruxureWare SCADA Products
CVE-2013-2824

Currently unrated

Key Information:

Vendor: Schneider Electric
Status: Powerlogic Scada; Struxureware Scada Expert Vijeo Citect; Struxureware Powerscada Expert; Citectscada
Vendor: CVE Published:; 26 February 2014

Summary

A vulnerability in Schneider Electric's StruxureWare SCADA product line, including Vijeo Citect and PowerSCADA, allows remote attackers to create a denial of service condition. The affected products fail to properly manage exceptions, which can be exploited using specially crafted packets, potentially disrupting the availability of the services.

References

http://www.citect.schneider-electric.com/security-DoS

x_refsource_CONFIRM

http://ics-cert.us-cert.gov/advisories/ICSA-13-350-01

x_refsource_MISC

Timeline

Vulnerability published
Feb 26, 2014
Vulnerability Reserved
Apr 11, 2013