发布日期:2013-08-22
更新日期:2013-08-26受影响系统:
Schneider Electric Trio J-Series Radio 3.x
描述:
--------------------------------------------------------------------------------
BUGTRAQ ID: 61968
CVE(CAN) ID: CVE-2013-2782Schneider Electric Multiple Trio J-Series Radio设备是无线电台设备。Schneider Electric Trio J-Series Radio 3.6.0, 3.6.1, 3.6.2, 3.6.3在生成AES密钥时存在错误,可导致攻击者截获并泄露加密无线通讯链接流量,并访问ICS网络。<*来源:vendor
链接:http://secunia.com/advisories/54594/
http://ics-cert.us-cert.gov/advisories/ICSA-13-234-01
*>建议:
--------------------------------------------------------------------------------
厂商补丁:Schneider Electric
------------------
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
http://download.schneider-electric.com/files?L=en&p=&p_docId=&p_docId=&p_Reference=SEVD%202013-143-01&p_EnDocType=Technical%20paper&p_File_Id=141141292&p_File_Name=SEVD-2013-143-01.pdf
http://www2.schneider-electric.com/corporate/en/support/cybersecurity/viewer-news.page?c_filepath=/templatedata/Content/News/data/en/local/cybersecurity/general_information/2013/08/20130808_advisory_of_vulnerability_affecting_trio_j_series_radio.xml
http://www.schneider-electric.com/sites/corporate/en/support/cybersecurity/cyber-security-vulnerabil多个VMware产品本地权限提升漏洞(CVE-2013-1662)SearchBlox 多个信息泄露漏洞(CVE-2013-3597)相关资讯 Schneider Electric
- Schneider Electric Modicon PLC反 (09/07/2015 15:06:56)
- 多个Schneider Electric产品XML外 (08/07/2013 23:09:49)
| - Schneider Electric Wonderware (06/22/2015 11:48:23)
- Schneider Electric多个产品Modbus (04/12/2013 06:05:20)
|
本文评论 查看全部评论 (0)
易网时代-编程资源站