The NCCIC has released an advisory on heap-based buffer overflow, improper restriction of operations within the bounds of a memory buffer, and open redirect vulnerabilities in Schneider Electric Floating License Manager. Multiple products and versions of the products are affected. Successful exploitation of these vulnerabilities could cause a denial of service, allow arbitrary execution of code with system level privileges, or send users to arbitrary websites. Schneider Electric recommends that users of affected Citect and PlantStruxure products download and install the new version of the software. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.
You are here
Related Resources
Jul 28, 2020 in Cybersecurity
Dec 20, 2018 in Cybersecurity