Ê©Ä͵µçÆø½¨¸´Á˶à¸öDoS·ì϶·çÏÕ¹«¸æ

°ä²¼¹¦·ò 2019-12-17

·ì϶±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2019-6857£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º7.5£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2019-6856£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º7.5£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2018-7794£¬Î£ÏÕ¼¶±ð£ºÖÐΣ£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º5.9£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2019-13537£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º7.5£¬¹Ù·½Î´ÆÀ¶¨


Ó°Ïì°æ±¾


Modicon M580

Modicon M340

Modicon Quantum

Modicon Premium

Power SCADA Operation

Power SCADA Expert

EcoStruxure Geo SCADA Expert (ClearSCADA)

EcoStruxure Control Expert


·ì϶¸ÅÊö


Ê©Ä͵µçÆø֪ͨ¿Í»§£¬ÒѾ­ÎªÄ³Ð©Modicon½ÚÔìÆ÷ºÍ¼¸ÖÖEcoStruxure²úÆ·Öеķì϶ÌṩÁ˲¹¶¡¡£Æ¾¾ÝÊ©Ä͵µçÆøµÄ˵·¨£¬Modicon M580£¬M340£¬QuantumºÍPremium½ÚÔìÆ÷Êܵ½Èý¸ö»Ø¾ø·þÎñ£¨DoS£©·ì϶µÄÓ°Ïì¡£ËùÓÐÕâÈý¸ö·ì϶¾ùÊÇÓÉÓÚ¡°¶ÔÒì³£»òÒì³£Çé¿ö½øÐв»µ±²é³­¡±ÒýÆðµÄ£¬ÓµÓÐÍøÂç½Ó¼ûȨÏ޵Ĺ¥»÷ÕßÄܹ»Í¨¹ýModbus TCPÀûÓÃÕâЩ·ì϶¡£ÆäÖÐÁ½¸ö·ì϶µÄÑϳÁÐԵȼ¶Îª¸ß£¬¶øÒ»¸öÑϳÁˮƽΪÖеÈ¡£Ê©Ä͵µçÆø»¹½¨¸´ÁËÈý¿îEcoStruxure²úÆ·Öеݲȫ·ì϶£¬Ô̺¬Power SCADA OperationµçÔ´¼à¶½ºÍ½ÚÔìÈí¼þÖеĻº³åÇøÒç¶Âí½Å¡¢ClearSCADAÖеÄÎļþȨÏÞ²»ÕýÈ··ì϶ºÍEcoStruxure Control Expert±à³ÌÈí¼þÖеÄÉí·ÝÑéÖ¤Èƹý·ì϶¡£


·ì϶ÑéÖ¤


ÔÝÎÞPOC/EXP¡£


½¨¸´½¨Òé


Ä¿Ç°³§ÉÌÒÑ°ä²¼Éý¼¶²¹¶¡ÒÔ½¨¸´·ì϶£¬²¹¶¡»ñÈ¡Á´½Ó£ºhttps://www.se.com/ww/en/download/¡£


²Î¿¼Á´½Ó


https://www.securityweek.com/schneider-electric-patches-vulnerabilities-modicon-ecostruxure-products