CVE-2014-5412

Published: Sep 18, 2014

Modified: Nov 4, 2025

PUBLISHED

Description

Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 through 2014 R1 allows remote attackers to read database records by leveraging access to the guest account.

Vendor	Product	Versions
Schneider Electric	ClearSCADA	affected `2010 R3 (build 72.4560)` affected `2010 R3.1 (build 72.4644)` unaffected `2010 R3.2`
Schneider Electric	SCADA Expert ClearSCADA	affected `2013 R1 (build 73.4729)` affected `2013 R1.1 (build 73.4832)` affected `2013 R1.1a (build 73.4903)` affected `2013 R1.2 (build 73.4955)` affected `2013 R2 (build 74.5094)` +3 more versions

Weaknesses (CWE)

CWE-287

References

https://www.cisa.gov/news-events/ics-advisories/icsa-14-259-01a

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2014/icsa-14-259-01a.json

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2014-5412

Description

Affected Products

Weaknesses (CWE)

References