{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"EcoStruxure Machine Expert \u2013Basic versions ant\u00e9rieures \u00e0 v 1.0 (anciennement SoMachine Basic)","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"microgiciels versions ant\u00e9rieures \u00e0 2.2.3.0 pour Sarix Enhanced","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"Modicon M221 microgiciel versions ant\u00e9rieures \u00e0 v1.10.0.0","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"Vijeo Designer Lite V1.3SP1","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}},{"description":"microgiciels versions ant\u00e9rieures \u00e0 2.11 pour Spectra Enhanced","product":{"name":"N/A","vendor":{"name":"Schneider Electric","scada":true}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2018-78258","url":"https://www.cve.org/CVERecord?id=CVE-2018-78258"},{"name":"CVE-2018-78278","url":"https://www.cve.org/CVERecord?id=CVE-2018-78278"},{"name":"CVE-2018-78235","url":"https://www.cve.org/CVERecord?id=CVE-2018-78235"},{"name":"CVE-2018-78167","url":"https://www.cve.org/CVERecord?id=CVE-2018-78167"},{"name":"CVE-2018-7829","url":"https://www.cve.org/CVERecord?id=CVE-2018-7829"},{"name":"CVE-2018-78227","url":"https://www.cve.org/CVERecord?id=CVE-2018-78227"},{"name":"CVE-2018-78268","url":"https://www.cve.org/CVERecord?id=CVE-2018-78268"},{"name":"CVE-2018-78288","url":"https://www.cve.org/CVERecord?id=CVE-2018-78288"},{"name":"CVE-2018-78217","url":"https://www.cve.org/CVERecord?id=CVE-2018-78217"}],"links":[],"reference":"CERTFR-2019-AVI-067","revisions":[{"description":"Version initiale","revision_date":"2019-02-15T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSchneider Electric . Certaines d'entre elles permettent \u00e0 un attaquant\nde provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n","title":"SCADA Multiples vuln\u00e9rabilit\u00e9s dans les produits Schneider Electric","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2019-045-02 du 14 f\u00e9vrier 2019","url":"https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2019-045-02-Vijeo-Designer-Lite.pdf&p_Doc_Ref=SEVD-2019-045-02"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2019-045-03 du 14 f\u00e9vrier 2019","url":"https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2019-045-03-PelcoSarix-SpectraCameras.pdf&p_Doc_Ref=SEVD-2019-045-03"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Schneider Electric SEVD-2019-045-01 du 14 f\u00e9vrier 2019","url":"https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Name=SEVD-2019-045-01-SoMachineBasic+M221.pdf&p_Doc_Ref=SEVD-2019-045-01"}]}