VAR-202301-2353 — Vulnetix

VAR-202301-2353 PUBLISHED CVSS 9.100000381469727 CRITICAL

A CWE-863: Incorrect Authorization vulnerability exists that could cause Denial of Service against the Geo SCADA server when specific messages are sent to the server over the database server TCP port.

Risk Scores

CVSS v3.1

9.100000381469727

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Affected Products

Vendor	Product	Versions
Schneider Electric	EcoStruxure Geo SCADA Expert 2019 - 2021 (formerly known as ClearSCADA)	All

Timeline

Apr 22, 2026 CVE Published

References

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-010-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-010-02_Geo_SCADA_Security_Notification.pdf url

Open in Interactive Console →