CVE-2014-5412

Schneider Electric SCADA Expert ClearSCADA Improper Authentication

CVSS 6.4 EPSS 1.6%CWE-287

Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 through 2014 R1 allows remote attackers to read database records by leveraging access to the guest account.

AV:N/AC:L/Au:N/C:P/I:P/A:N

Productos afectados

Schneider Electric · ClearSCADA Schneider Electric · SCADA Expert ClearSCADA

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2014/icsa-14-259-01a.json https://ics-cert.us-cert.gov/advisories/ICSA-14-259-01 https://www.cisa.gov/news-events/ics-advisories/icsa-14-259-01a