CNVD-2016-10624

Vulnerability from cnvd - Published: 2016-11-04
VLAI Severity ?
Title
多款Schneider Electric产品拒绝服务漏洞
Description
Schneider Electric Magelis HMI Magelis GTO Advanced Optimum panels等都是法国施耐德电气(Schneider Electric)公司的HMI人机面板系列产品。 多款Schneider Electric产品中存在拒绝服务漏洞。攻击者利用漏洞可破坏目标web服务器,导致服务器拒绝服务,设备重启。
Severity
Formal description

厂商尚未提供漏洞修补方案,请关注厂商主页及时更新: http://www.schneider-electric.com/

Reference
http://www.schneider-electric.com/ww/en/download/document/SEVD-2016-302-01 http://www.critifence.com/sve/sve.php?id=82003202
Impacted products
Name
['Schneider Electric Magelis XBT GTW Advanced Open Touchscreen Panels (Windows XPe)', 'Schneider Electric Magelis XBT GT Advanced Touchscreen Panels All', 'Schneider Electric Magelis XBT GK Advanced Touchscreen Panels with Keyboard All', 'Schneider Electric Magelis XBT GH Advanced hand-held Panel All', 'Schneider Electric Magelis STO & STU Small panels All', 'Schneider Electric Magelis GTU Universal panel All', 'Schneider Electric Magelis GTO Advanced Optimum panels All']
Show details on source website
To clipboard 

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-8374"
    }
  },
  "description": "Schneider Electric Magelis HMI Magelis GTO Advanced Optimum panels\u7b49\u90fd\u662f\u6cd5\u56fd\u65bd\u8010\u5fb7\u7535\u6c14\uff08Schneider Electric\uff09\u516c\u53f8\u7684HMI\u4eba\u673a\u9762\u677f\u7cfb\u5217\u4ea7\u54c1\u3002\r\n\r\n\u591a\u6b3eSchneider Electric\u4ea7\u54c1\u4e2d\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u53ef\u7834\u574f\u76ee\u6807web\u670d\u52a1\u5668\uff0c\u5bfc\u81f4\u670d\u52a1\u5668\u62d2\u7edd\u670d\u52a1\uff0c\u8bbe\u5907\u91cd\u542f\u3002",
  "discovererName": "Eran Goldstein",
  "formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u8865\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u53ca\u65f6\u66f4\u65b0\uff1a\r\nhttp://www.schneider-electric.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-10624",
  "openTime": "2016-11-04",
  "products": {
    "product": [
      "Schneider Electric Magelis XBT GTW Advanced Open Touchscreen Panels (Windows XPe)",
      "Schneider Electric Magelis XBT GT Advanced Touchscreen Panels All",
      "Schneider Electric Magelis XBT GK Advanced Touchscreen Panels with Keyboard All",
      "Schneider Electric Magelis XBT GH Advanced hand-held Panel All",
      "Schneider Electric Magelis STO \u0026 STU Small panels All",
      "Schneider Electric Magelis GTU Universal panel All",
      "Schneider Electric Magelis GTO Advanced Optimum panels All"
    ]
  },
  "referenceLink": "http://www.schneider-electric.com/ww/en/download/document/SEVD-2016-302-01\r\nhttp://www.critifence.com/sve/sve.php?id=82003202",
  "serverity": "\u9ad8",
  "submitTime": "2016-11-03",
  "title": "\u591a\u6b3eSchneider Electric\u4ea7\u54c1\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.