Operating System:

[Win]

Published:

19 February 2014

Protect yourself against future threats.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2014.0017
       A vulnerability has been identified in a number of Schneider
                          Electric SCADA products
                             19 February 2014

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              StruxureWare SCADA Expert Vijeo Citect
                      Vijeo Citect
                      CitectSCADA
                      StruxureWare PowerSCADA Expert
                      PowerLogic SCADA
Operating System:     Windows
Impact/Access:        Denial of Service -- Remote/Unauthenticated
Resolution:           Patch/Upgrade
Member content until: Friday, March 21 2014

OVERVIEW

        A vulnerability has been identified in the following Schneider Electric
        products:
        
        * StruxureWare SCADA Expert Vijeo Citect v7.40
        * Vijeo Citect v7.20 to v7.30SP1
        * CitectSCADA v7.20 to v7.30SP1
        * StruxureWare PowerSCADA Expert v7.30 to v7.30SR1
        * PowerLogic SCADA v7.20 to v7.20 SR1
        
        The vendor has indicated that older versions of these products are not
        affected by this vulnerability. [1]


IMPACT

        The vendor has provided the following details regarding this 
        vulnerability:
        
        "The vulnerability could cause a Denial of Service on the Server of
        the products listed below. To exploit this vulnerability an attacker
        must send a specially crafted packet to any of the Server processes.
        
        This vulnerability was discovered during cyber security research 
        both by an external researcher and by Schneider Electric internal 
        investigations. There is no evidence that this vulnerability has 
        been exploited. This vulnerability would require network access to 
        the target application." [1]


MITIGATION

        The vendor has stated that a cumulative patch has been developed
        which addresses this vulnerability and recommends that all customers
        download and apply the patch. [1]
        
        Download links can be found in the vendor's original security 
        notification. [1]


REFERENCES

        [1] Important security notification - Cumulative update for SCADA
            Expert Vijeo Citect / CitectSCADA / PowerSCADA Expert
            http://download.schneider-electric.com/files?p_Doc_Ref=SEVD%202014-024-02

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBUwQyahLndAQH1ShLAQLgCQ/+IhxVaCuKLv47PsDAE7nOlNMqh2tCLvq0
dIpAXV+u4MI63PSy4fhOizrvkiJAbxs4/UExqcUenrFtXC32Hl7R/39700Bvt+SC
A7yqF0eDzD3+YEwX9GubQ/9j/KsVQ2l7CQLwbLrplq5sCRKMvGrjrFg9sEghejOl
UvkyQ4DXtcCH13qZggIFbVyCv7IRiRHDt3WD2Aof5He9v1HTUptouO66qts9jUjl
ynyiTlZxXar0wOBcPtZB1EYxDuhZ6s3qv+5LpCawmqwsDe9J/S7OsBXUzEh5RM7q
gCy4kdMLOfwHQNDOwtByaeoBiOcajwci9H2jdZO9NxJUdn2L8YuBWdw36QCImK1p
FunlyV2ibnvBNTK6JxY4AjaO5HeYV25hlX2Kk/+I8nouu9EfNQBZloBHFM37ZzpC
3SgObm/tgoPTXgu++fEiKV5LYfr6YhZsV+wUmqJ+HYkvQ1FDt8kcwCs7E3k0UlMS
vWbbCYWiOn1K83nSZspCKwk+SeCAmA0/b4PD88tTZncMT9Nrrh2hcexGmEwI7m0d
td8j7BYcPyM4XTxiEAW6QWK0trXGulgiAlynUrZ6la7jLdomQFXaeGE2xwfX/dln
pjkW8zhZCQHA1Ed++xDGk4fX65ZcQMStV9i3O3WPGt1q1mzRiAHi7Yr+K4UddhTc
C++7NJ2mX9s=
=a/xo
-----END PGP SIGNATURE-----