VDB
SEVD-2021-130-07
SEVD-2021-130-07
PUBLISHED
CVSS 6.699999809265137 MEDIUM
Schneider Electric is aware of a vulnerability in its EcoStruxure Geo SCADA Expert products (formerly known as ClearSCADA). The EcoStruxure Geo SCADA Expert product is an open, flexible and scalable software system for telemetry and remote SCADA solutions. Failure to apply the remediations provided below may risk the revealing of account credentials, which could result in unauthorized system access.
Risk Scores
CVSS v3.1
6.699999809265137
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Schneider Electric EcoStruxure Geo SCADA Expert 2019 All Versions | ||
| Schneider Electric EcoStruxure Geo SCADA Expert 2020 V83.7742.1 and prior | ||
| Schneider Electric ClearSCADA All Versions | ||
| Schneider Electric Geo SCADA Expert 2020 April 2021 83.7787.1 |
Timeline
- May 11, 2021 CVE Published
References
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-07&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2021-130-07_GeoSCADA_Security_Notification.pdf advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-07&p_enDocType=Security+and+Safety+Notice&p_File_Name=sevd-2021-130-07.json advisory
- https://www.se.com/us/en/download/document/7EN52-0390/ url
- https://tprojects.schneider-electric.com/telemetry/display/CS/Geo+SCADA+Expert+Downloads fix