An issue exists in Schneider Electric Magelis HMI Magelis GTO Advanced Optimum Panels, all versions, Magelis GTU Universal Panel, all versions, Magelis STO5xx and STU Small panels, all versions, Magelis XBT GH Advanced Hand-held Panels, all versions, Magelis XBT GK Advanced Touchscreen Panels with Keyboard, all versions, Magelis XBT GT Advanced Touchscreen Panels, all versions, and Magelis XBT GTW Advanced Open Touchscreen Panels (Windows XPe). An attacker can open multiple connections to a targeted web server and keep connections open preventing new connections from being made, rendering the web server unavailable during an attack.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
schneider-electric magelis_gtu_universal_panel_firmware - |
||
schneider-electric magelis_gto_advanced_optimum_panel_firmware - |
||
schneider-electric magelis_sto5_small_panel_firmware - |
||
schneider-electric magelis_stu_small_panel_firmware - |
||
schneider-electric magelis_xbt_gh_advanced_hand-held_panel_firmware - |
||
schneider-electric magelis_xbt_gk_advanced_touchscreen_panel_with_keyboard_firmware - |
||
schneider-electric magelis_xbt_gt_advanced_touchscreen_panel_firmware - |
||
schneider-electric magelis_xbt_gtw_advanced_open_touchscreen_panel_firmware - |
'Totally different' Schneider Electric PanelShock vuln appears
Security researchers have discovered another serious vulnerability in industrial control kit from Schneider Electric. System crashing flaws in the physical HMI (Human Machine Interface) hardware, dubbed PanelShock by security researchers, follow days after the earlier disclosure of security vulnerabilities in Schneider Electric’s Unity simulator (PLC programming framework). The vulnerabilities were discovered by researchers from Check Point and cybersecurity startup Critifence. “Vulnerabilit...
Vulmon