Ê©Ä͵µçÆøÐÞ¸´Á˶à¸öDoSÎó²îΣº¦Í¨¸æ

Ðû²¼Ê±¼ä 2019-12-17

Îó²î±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2019-6857 £¬Î£ÏÕ¼¶±ð£º¸ßΣ £¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º7.5 £¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2019-6856 £¬Î£ÏÕ¼¶±ð£º¸ßΣ £¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º7.5 £¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2018-7794 £¬Î£ÏÕ¼¶±ð£ºÖÐΣ £¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º5.9 £¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2019-13537 £¬Î£ÏÕ¼¶±ð£º¸ßΣ £¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º7.5 £¬¹Ù·½Î´ÆÀ¶¨


Ó°Ïì°æ±¾


Modicon M580

Modicon M340

Modicon Quantum

Modicon Premium

Power SCADA Operation

Power SCADA Expert

EcoStruxure Geo SCADA Expert (ClearSCADA)

EcoStruxure Control Expert


Îó²î¸ÅÊö


Ê©Ä͵µçÆø֪ͨ¿Í»§ £¬ÒѾ­ÎªÄ³Ð©Modicon¿ØÖÆÆ÷ºÍ¼¸ÖÖEcoStruxure²úÆ·ÖеÄÎó²îÌṩÁ˲¹¶¡¡£Æ¾Ö¤Ê©Ä͵µçÆøµÄ˵·¨ £¬Modicon M580 £¬M340 £¬QuantumºÍPremium¿ØÖÆÆ÷Êܵ½Èý¸ö¾Ü¾ø·þÎñ£¨DoS£©Îó²îµÄÓ°Ïì¡£ËùÓÐÕâÈý¸öÎó²î¾ùÊÇÓÉÓÚ¡°¶ÔÒì³£»òÒì³£ÇéÐξÙÐв»µ±¼ì²é¡±ÒýÆðµÄ £¬¾ßÓÐÍøÂç»á¼ûȨÏ޵Ĺ¥»÷Õß¿ÉÒÔͨ¹ýModbus TCPʹÓÃÕâЩÎó²î¡£ÆäÖÐÁ½¸öÎó²îµÄÑÏÖØÐÔÆ·¼¶Îª¸ß £¬¶øÒ»¸öÑÏÖØˮƽΪÖеÈ¡£Ê©Ä͵µçÆø»¹ÐÞ¸´ÁËÈý¿îEcoStruxure²úÆ·ÖеÄÇå¾²Îó²î £¬°üÀ¨Power SCADA OperationµçÔ´¼àÊӺͿØÖÆÈí¼þÖеĻº³åÇøÒç³öÎó²î¡¢ClearSCADAÖеÄÎļþȨÏÞ²»×¼È·Îó²îºÍEcoStruxure Control Expert±à³ÌÈí¼þÖеÄÉí·ÝÑéÖ¤ÈƹýÎó²î¡£


Îó²îÑéÖ¤


ÔÝÎÞPOC/EXP¡£


ÐÞ¸´½¨Òé


ÏÖÔÚ³§ÉÌÒÑÐû²¼Éý¼¶²¹¶¡ÒÔÐÞ¸´Îó²î £¬²¹¶¡»ñÈ¡Á´½Ó£ºhttps://www.se.com/ww/en/download/¡£


²Î¿¼Á´½Ó


https://www.securityweek.com/schneider-electric-patches-vulnerabilities-modicon-ecostruxure-products