Denial of Service Vulnerability in Schneider Electric ClearSCADA Software
CVE-2013-6142

Currently unrated

Key Information:

Vendor: Aveva
Status: Clearscada
Vendor: CVE Published:; 15 January 2014

What is CVE-2013-6142?

The DNP3Driver.exe component within Schneider Electric's ClearSCADA software versions 2010 R2 through 2010 R3.1 and SCADA Expert ClearSCADA versions 2013 R1 through 2013 R1.2 is susceptible to a denial of service attack. This vulnerability can be exploited by remote attackers who send malformed IP packets, resulting in excessive resource consumption that can disrupt service availability. This issue highlights the importance of robust input validation and monitoring to mitigate potential threats in control systems.

References

http://ics-cert.us-cert.gov/advisories/ICSA-14-014-01

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 15, 2014
Vulnerability Reserved
Oct 16, 2013

Aveva

What is CVE-2013-6142?

References

Timeline