CVE-2023-22610

Summary

A CWE-863: Incorrect Authorization vulnerability exists that could cause Denial of Service against the Geo SCADA server when specific messages are sent to the server over the database server TCP port.

Affected Software

VendorProductVersion RangeStatus
Schneider ElectricEcoStruxure Geo SCADA Expert 2019 - 2021 (formerly known as ClearSCADA)All < October 2022affected

Weaknesses

  • CWE-863: CWE-863 Incorrect Authorization

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References