ABSTRACT

ICS-CERT Advisory: ICSA-13-100-01: Schneider Electric MiCOM S1 Studio Improper Authorization Vulnerability   [open pdf - 68KB]

"This advisory provides mitigation details for a vulnerability affecting the Schneider Electric MiCOM S1 Studio Software. Independent researcher Michael Toecker of Digital Bond has identified an improper authorization vulnerability in the MiCOM S1 Studio Software using the Microsoft Attack Surface Analyzer tool. The vulnerability was disclosed to vendors prior to the 2013 Digital Bond S4 Conference and then presented at the conference. The function of MiCOM S1 Studio Software is to allow users to modify or manage the configuration parameters of electronic protective relays."

Report Number:
ICS-CERT Advisory No. 13-100-01; Industrial Controls System-Cyber Emergency Response Team Advisory No. 13-100-01
Publisher:
Date:
2013-04-10
Copyright:
Public Domain
Retrieved From:
Industrial Control Systems Cyber Emergency Response Team: http://ics-cert.us-cert.gov/
Format:
pdf
Media Type:
application/pdf
URL:
Help with citations