Inadequate Encryption Vulnerability in ClearSCADA and EcoStruxure Geo SCADA Expert Products
CVE-2022-24318
7.5HIGH
Key Information:
- Vendor
Schneider Electric
- Vendor
- CVE Published:
- 9 February 2022
What is CVE-2022-24318?
An inadequate encryption strength issue has been identified within the ClearSCADA and EcoStruxure Geo SCADA Expert products. This vulnerability could potentially lead to non-encrypted communication between the client and server when using outdated versions of the ViewX client. Organizations utilizing these systems may be at risk of unauthorized data interception and exposure, emphasizing the need for timely updates and security measures.
Affected Version(s)
ClearSCADA (All ), EcoStruxure Geo SCADA Expert 2019 (All ), EcoStruxure Geo SCADA Expert 2020 (All ) ClearSCADA (All Versions), EcoStruxure Geo SCADA Expert 2019 (All Versions), EcoStruxure Geo SCADA Expert 2020 (All Versions)