Описание
Schneider Electric Telvent Sage 2300 RTUs with firmware before C3413-500-S01, and LANDAC II-2, Sage 1410, Sage 1430, Sage 1450, Sage 2400, and Sage 3030M RTUs with firmware before C3414-500-S02J2, allow remote attackers to obtain sensitive information from device memory by reading a padding field of an Ethernet packet.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до c3414-500-s02j1 (включая)
Одновременно
cpe:2.3:o:schneider-electric:telvent_rtu_firmware:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:h:schneider-electric:sage_1410:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:sage_1430:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:sage_1450:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:sage_2400:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:sage_3030m:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:sage_landac_ii-2:-:*:*:*:*:*:*:*
Конфигурация 2Версия до c3413-500-001d3 (включая)
Одновременно
cpe:2.3:h:schneider-electric:sage_2300:-:*:*:*:*:*:*:*
cpe:2.3:o:schneider-electric:telvent_rtu_firmware:*:*:*:*:*:*:*:*
EPSS
Процентиль: 61%
0.00417
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 5.3
github
больше 3 лет назад
Schneider Electric Telvent Sage 2300 RTUs with firmware before C3413-500-S01, and LANDAC II-2, Sage 1410, Sage 1430, Sage 1450, Sage 2400, and Sage 3030M RTUs with firmware before C3414-500-S02J2, allow remote attackers to obtain sensitive information from device memory by reading a padding field of an Ethernet packet.
EPSS
Процентиль: 61%
0.00417
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-200