CVE-2014-5413

Schneider Electric SCADA Expert ClearSCADA Cryptographic Issues

CVSS 6.4 EPSS 1.0%CWE-310

Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 through 2014 R1 uses the MD5 algorithm for an X.509 certificate, which makes it easier for remote attackers to spoof servers via a cryptographic attack against this algorithm.

AV:N/AC:L/Au:N/C:P/I:P/A:N

Produtos afetados

Schneider Electric · ClearSCADA Schneider Electric · SCADA Expert ClearSCADA

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2014/icsa-14-259-01a.json https://ics-cert.us-cert.gov/advisories/ICSA-14-259-01 https://www.cisa.gov/news-events/ics-advisories/icsa-14-259-01a