发布日期:2013-08-22
更新日期:2013-08-26
受影响系统:
Schneider Electric Trio J-Series Radio 3.x
描述:
--------------------------------------------------------------------------------
BUGTRAQ ID: 61968
CVE(CAN) ID: CVE-2013-2782
Schneider Electric Multiple Trio J-Series Radio设备是无线电台设备。
Schneider Electric Trio J-Series Radio 3.6.0, 3.6.1, 3.6.2, 3.6.3在生成AES密钥时存在错误,可导致攻击者截获并泄露加密无线通讯链接流量,并访问ICS网络。
<*来源:vendor
链接:
*>
建议:
--------------------------------------------------------------------------------
厂商补丁:
Schneider Electric
------------------
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
?L=en&p=&p_docId=&p_docId=&p_Reference=SEVD%202013-143-01&p_EnDocType=Technical%20paper&p_File_Id=141141292&p_File_Name=SEVD-2013-143-01.pdf
?c_filepath=/templatedata/Content/News/data/en/local/cybersecurity/general_information/2013/08/20130808_advisory_of_vulnerability_affecting_trio_j_series_radio.xml