First published: Fri May 31 2019(Updated: )
In Vijeo Citect 7.30 and 7.40, and CitectSCADA 7.30 and 7.40, a vulnerability has been identified that may allow an authenticated local user access to Citect user credentials.
Credit: ics-cert@hq.dhs.gov
Affected Software | Affected Version | How to fix |
---|---|---|
Schneider-electric Citectscada | =7.30 | |
Schneider-electric Citectscada | =7.40 | |
Schneider-electric Scada Expert Vijeo Citect | =7.30 | |
Schneider-electric Scada Expert Vijeo Citect | =7.40 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-10981 is a vulnerability in Vijeo Citect 7.30 and 7.40 and CitectSCADA 7.30 and 7.40 that allows an authenticated local user to access Citect user credentials.
Vijeo Citect 7.30, Vijeo Citect 7.40, CitectSCADA 7.30, and CitectSCADA 7.40 are affected by CVE-2019-10981.
CVE-2019-10981 has a severity rating of 7.8, which is considered high.
An authenticated local user can exploit CVE-2019-10981 to gain access to Citect user credentials.
To fix CVE-2019-10981, it is recommended to apply the necessary updates or patches provided by Schneider-electric.