David Formby and Raheem Beyah of Georgia Tech have identified a vulnerability caused by an Institute of Electrical and Electronics Engineers (IEEE) conformance issue involving improper frame padding in Schneider Electric’s Telvent SAGE 2300 and 2400 remote terminal units (RTUs). Schneider Electric has already released a revision that eliminates this vulnerability. This advisory serves as a notification of a new vulnerability in the previous software version. The researchers have tested the revision to validate that it resolves the reported vulnerability.
Cyber Security and Information Systems Information Analysis Center
Leave a Comment
You must be logged in to post a comment.