Ê©Ä͵µçÆøÐÞ¸´Á˶à¸öDoSÎó²îΣº¦Í¨¸æ

Ðû²¼Ê±¼ä 2019-12-17

Îó²î±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2019-6857£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º7.5£¬£¬£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2019-6856£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º7.5£¬£¬£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2018-7794£¬£¬£¬Î£ÏÕ¼¶±ð£ºÖÐΣ£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º5.9£¬£¬£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2019-13537£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º7.5£¬£¬£¬¹Ù·½Î´ÆÀ¶¨


Ó°Ïì°æ±¾


Modicon M580

Modicon M340

Modicon Quantum

Modicon Premium

Power SCADA Operation

Power SCADA Expert

EcoStruxure Geo SCADA Expert (ClearSCADA)

EcoStruxure Control Expert


Îó²î¸ÅÊö


Ê©Ä͵µçÆø֪ͨ¿Í»§£¬£¬£¬ÒѾ­ÎªÄ³Ð©Modicon¿ØÖÆÆ÷ºÍ¼¸ÖÖEcoStruxure²úÆ·ÖеÄÎó²îÌṩÁ˲¹¶¡¡£ ¡£¡£¡£¡£¡£¡£Æ¾Ö¤Ê©Ä͵µçÆøµÄ˵·¨£¬£¬£¬Modicon M580£¬£¬£¬M340£¬£¬£¬QuantumºÍPremium¿ØÖÆÆ÷Êܵ½Èý¸ö¾Ü¾øЧÀÍ£¨DoS£©Îó²îµÄÓ°Ïì¡£ ¡£¡£¡£¡£¡£¡£ËùÓÐÕâÈý¸öÎó²î¾ùÊÇÓÉÓÚ¡°¶ÔÒì³£»£»£»£»òÒì³£ÇéÐξÙÐв»µ±¼ì²é¡±ÒýÆðµÄ£¬£¬£¬¾ßÓÐÍøÂç»á¼ûȨÏ޵Ĺ¥»÷Õß¿ÉÒÔͨ¹ýModbus TCPʹÓÃÕâЩÎó²î¡£ ¡£¡£¡£¡£¡£¡£ÆäÖÐÁ½¸öÎó²îµÄÑÏÖØÐÔÆ·¼¶Îª¸ß£¬£¬£¬¶øÒ»¸öÑÏÖØˮƽΪÖеÈ¡£ ¡£¡£¡£¡£¡£¡£Ê©Ä͵µçÆø»¹ÐÞ¸´ÁËÈý¿îEcoStruxure²úÆ·ÖеÄÇå¾²Îó²î£¬£¬£¬°üÀ¨Power SCADA OperationµçÔ´¼àÊӺͿØÖÆÈí¼þÖеĻº³åÇøÒç³öÎó²î¡¢ClearSCADAÖеÄÎļþȨÏÞ²»×¼È·Îó²îºÍEcoStruxure Control Expert±à³ÌÈí¼þÖеÄÉí·ÝÑéÖ¤ÈƹýÎó²î¡£ ¡£¡£¡£¡£¡£¡£


Îó²îÑéÖ¤


ÔÝÎÞPOC/EXP¡£ ¡£¡£¡£¡£¡£¡£


ÐÞ¸´½¨Òé


ÏÖÔÚ³§ÉÌÒÑÐû²¼Éý¼¶²¹¶¡ÒÔÐÞ¸´Îó²î£¬£¬£¬²¹¶¡»ñÈ¡Á´½Ó£ºhttps://www.se.com/ww/en/download/¡£ ¡£¡£¡£¡£¡£¡£


²Î¿¼Á´½Ó


https://www.securityweek.com/schneider-electric-patches-vulnerabilities-modicon-ecostruxure-products