CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
35.6%
**ATTENTION:**Remotely exploitable/low skill level to exploit.
Vendor: Schneider Electric
Equipment: ClearSCADA
Vulnerability: Improper Input Validation
The following versions of ClearSCADA, server and communications driver processes, are affected:
Successful exploitation of this vulnerability could cause the ClearSCADA server process and communications driver processes to terminate.
Schneider Electric has released the following updates to mitigate the vulnerability:
Users of ClearSCADA 2013 R2 and prior versions should upgrade to the latest ClearSCADA 2015 R2 hotfix to mitigate the vulnerability.
Each of the Service Pack and hotfixes above are available for direct download from Schneider Electricโs web site at:
<http://resourcecenter.controlmicrosystems.com/display/CS/SCADA+Expert+ClearSCADA+Downloads>
More information can be found by visiting Schneider Electricโs Security Notification at:
<http://www.schneider-electric.com/en/download/document/SEVD-2017-060-01/>
Schneider Electric recommends users include the following measures in their SCADA strategies:
ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
ICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Additional mitigation guidance and recommended practices are publicly available in the ICSโCERT Technical Information Paper, ICS-TIP-12-146-01BโTargeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.
No known public exploits specifically target this vulnerability.
An attacker with network access to the ClearSCADA server can send specially crafted sequences of commands and data packets to the ClearSCADA server that can cause the ClearSCADA server process and ClearSCADA communications driver processes to terminate.
CVE-2017-6021 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
Sergey Temnikov and Vladimir Dashchenko of Kapersky Labโs Critical Infrastructure Defense Team identified and reported the vulnerability to Schneider Electric.
Critical Infrastructure Sector(s): Critical Manufacturing
Countries/Areas Deployed: Worldwide
Company Headquarters Location: Paris, France
resourcecenter.controlmicrosystems.com/display/CS/SCADA+Expert+ClearSCADA+Downloads
web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6021
www.schneider-electric.com/en/download/document/SEVD-2017-060-01/
cisasurvey.gov1.qualtrics.com/jfe/form/SV_9n4TtB8uttUPaM6?product=https://www.cisa.gov/news-events/ics-advisories/icsa-17-068-01
cwe.mitre.org/data/definitions/20.html
public.govdelivery.com/accounts/USDHSCISA/subscriber/new?topic_id=USDHSCISA_138
twitter.com/CISAgov
twitter.com/intent/tweet?text=Schneider%20Electric%20ClearSCADA+https://www.cisa.gov/news-events/ics-advisories/icsa-17-068-01
www.dhs.gov
www.dhs.gov/foia
www.dhs.gov/performance-financial-reports
www.facebook.com/CISA
www.facebook.com/sharer/sharer.php?u=https://www.cisa.gov/news-events/ics-advisories/icsa-17-068-01&title=Schneider%20Electric%20ClearSCADA
www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
www.instagram.com/cisagov
www.linkedin.com/company/cybersecurity-and-infrastructure-security-agency
www.linkedin.com/sharing/share-offsite/?url=https://www.cisa.gov/news-events/ics-advisories/icsa-17-068-01
www.oig.dhs.gov/
www.usa.gov/
www.whitehouse.gov/
www.youtube.com/@cisagov
mailto:?subject=Schneider%20Electric%20ClearSCADA&body=www.cisa.gov/news-events/ics-advisories/icsa-17-068-01
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
35.6%