Already existing/established client-server connections are not affected.
An attacker could exploit the vulnerability by using a specially crafted message sequence, to force the IEC 61850 MMS-server communication stack, to stop accepting new MMS-client connections.
Affected products: EcoStruxure Geo SCADA Expert 2019, EcoStruxure Geo SCADA Expert 2020, EcoStruxure Geo SCADA Expert 2021(All Versions prior to October 2022), ClearSCADA (All Versions) Published: Febru6:15:10 AM -0500Ī vulnerability exists in the IEC 61850 communication stack that affects multiple Hitachi Energy products. V3.x:(not available) V2.0:(not available)Ī CWE-117: Improper Output Neutralization for Logs vulnerability exists that could cause the misinterpretation of log files when malicious packets are sent to the Geo SCADA server's database web port (default 443).
InSCADA allows Account Footprinting.This issue affects inSCADA: before 20230115-1. Improper Protection for Outbound Error Messages and Alert Signals vulnerability in ProMIS Process Co.
0 kommentar(er)
