CVE-2013-2824

Summary

CVE	CVE-2013-2824
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2014-02-26 14:55:00 UTC
Updated	2014-02-26 16:58:00 UTC
Description	Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and PowerLogic SCADA 7.20 through 7.20SR1 do not properly handle exceptions, which allows remote attackers to cause a denial of service via a crafted packet.

Risk And Classification

Problem Types: NVD-CWE-Other

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Schneider-electric	Citectscada	7.20	All	All	All
Application	Schneider-electric	Citectscada	7.20	sp1	All	All
Application	Schneider-electric	Citectscada	7.20	sp2	All	All
Application	Schneider-electric	Citectscada	7.20	sp3	All	All
Application	Schneider-electric	Citectscada	7.20	sp4	All	All
Application	Schneider-electric	Citectscada	7.30	All	All	All
Application	Schneider-electric	Citectscada	7.30	sp1	All	All
Application	Schneider-electric	Citectscada	7.20	All	All	All
Application	Schneider-electric	Citectscada	7.20	sp1	All	All
Application	Schneider-electric	Citectscada	7.20	sp2	All	All
Application	Schneider-electric	Citectscada	7.20	sp3	All	All
Application	Schneider-electric	Citectscada	7.20	sp4	All	All
Application	Schneider-electric	Citectscada	7.30	All	All	All
Application	Schneider-electric	Citectscada	7.30	sp1	All	All
Application	Schneider-electric	Powerlogic Scada	7.20	All	All	All
Application	Schneider-electric	Powerlogic Scada	7.20	sr1	All	All
Application	Schneider-electric	Powerlogic Scada	7.20	All	All	All
Application	Schneider-electric	Powerlogic Scada	7.20	sr1	All	All
Application	Schneider-electric	Struxureware Powerscada Expert	7.30	All	All	All
Application	Schneider-electric	Struxureware Powerscada Expert	7.30	sr1	All	All
Application	Schneider-electric	Struxureware Powerscada Expert	7.30	All	All	All
Application	Schneider-electric	Struxureware Powerscada Expert	7.30	sr1	All	All
Application	Schneider-electric	Struxureware Scada Expert Vijeo Citect	7.20	All	All	All
Application	Schneider-electric	Struxureware Scada Expert Vijeo Citect	7.20	sp1	All	All
Application	Schneider-electric	Struxureware Scada Expert Vijeo Citect	7.20	sp2	All	All
Application	Schneider-electric	Struxureware Scada Expert Vijeo Citect	7.20	sp3	All	All
Application	Schneider-electric	Struxureware Scada Expert Vijeo Citect	7.20	sp4	All	All
Application	Schneider-electric	Struxureware Scada Expert Vijeo Citect	7.30	All	All	All
Application	Schneider-electric	Struxureware Scada Expert Vijeo Citect	7.30	sp1	All	All
Application	Schneider-electric	Struxureware Scada Expert Vijeo Citect	7.40	All	All	All
Application	Schneider-electric	Struxureware Scada Expert Vijeo Citect	7.20	All	All	All
Application	Schneider-electric	Struxureware Scada Expert Vijeo Citect	7.20	sp1	All	All
Application	Schneider-electric	Struxureware Scada Expert Vijeo Citect	7.20	sp2	All	All
Application	Schneider-electric	Struxureware Scada Expert Vijeo Citect	7.20	sp3	All	All
Application	Schneider-electric	Struxureware Scada Expert Vijeo Citect	7.20	sp4	All	All
Application	Schneider-electric	Struxureware Scada Expert Vijeo Citect	7.30	All	All	All
Application	Schneider-electric	Struxureware Scada Expert Vijeo Citect	7.30	sp1	All	All
Application	Schneider-electric	Struxureware Scada Expert Vijeo Citect	7.40	All	All	All

References

Reference	Source	Link	Tags
Schneider Electric CitectSCADA Products Exception Handler Vulnerability (Update A) \| ICS-CERT	MISC	ics-cert.us-cert.gov	Patch, US Government Resource
AVEVA Global Customer Support - Login	CONFIRM	www.citect.schneider-electric.com	Patch, Vendor Advisory
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.