You are here

Home

openssl

ICS-CERT Advisory: Schneider Electric Wonderware OpenSSL Vulnerability (ICSA-14-135-02, May 15, 2014)

Schneider Electric Wonderware’s Cyber Security Team has identified an OpenSSL Heartbleed vulnerability in the Wonderware Intelligence application, caused by a third-party component. Schneider Electric Wonderware has produced a patch that mitigates this vulnerability. This vulnerability could be exploited remotely. Exploits that target this vulnerability are known to be publicly available.

AFFECTED PRODUCTS

Tags: 
openssl heartbleed

ICS-CERT Advisory: Unified Automation OPC SDK OpenSSL Vulnerability (ICSA-14-135-04, May 15, 2014)

On April 09, 2014, Unified Automation GmbH announced that its OPC UA Software Development Kits (SDKs) for Windows included vulnerable OpenSSL libraries. HTTPS support is disabled by default in Unified Automation SDK products. However if HTTPS is used, Unified Automation recommends replacing the OpenSSL library with a current version (1.01.g or later) to mitigate this vulnerability.

This vulnerability could be exploited remotely. Exploits that target this vulnerability are known to be publicly available.

Tags: 
openssl heartbleed
Subscribe to openssl