virus logo Intrusion Prevention

Schneider.Electric.ClearSCADA.Remote.Authentication.Bypass

description-logoDescription

This indicates an attack attempt to exploit an Authentication Bypass vulnerability in Schneider Electric SCADA Expert ClearSCADA.
The vulnerability is due an exception that occurs in the dbserver.exe file during authentication process. A remote attacker can exploit this to gain unauthorized access to diagnostic information without proper authentication.

affected-products-logoAffected Products

Schneider Electric ClearSCADA 2010 R1.0; ClearSCADA 2009; ClearSCADA 2007; ClearSCADA 2005

Impact logoImpact

Authentication Bypass: Remote attackers can bypass security checks of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
http://resourcecenter.controlmicrosystems.com/display/public/CS/SCADA+Expert+ClearSCADA+Support

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2020-06-15 15.864 Sig Added

References

http://ics-cert.us-cert.gov/advisories/ICSA-11-173-01 http://www.exploit-db.com/exploits/35924/
ID 40021
Created Jun 04, 2015
Updated Apr 26, 2021
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
CVE ID
Default Action drop
Active
Affected OS Windows
Affected App SCADA