← back
CVE-2014-5413

Schneider Electric SCADA Expert ClearSCADA Cryptographic Issues

CVSS 6.4 EPSS 1.0%CWE-310
Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 through 2014 R1 uses the MD5 algorithm for an X.509 certificate, which makes it easier for remote attackers to spoof servers via a cryptographic attack against this algorithm.
AV:N/AC:L/Au:N/C:P/I:P/A:N
Affected products
Schneider Electric · ClearSCADASchneider Electric · SCADA Expert ClearSCADA

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2014/icsa-14-259-01a.jsonhttps://ics-cert.us-cert.gov/advisories/ICSA-14-259-01https://www.cisa.gov/news-events/ics-advisories/icsa-14-259-01a