Description
Directory traversal vulnerability in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier allows remote attackers to read arbitrary files via unspecified vectors.
References (3)
Core 3
Core References
Various Sources x_refsource_confirm
http://www.scada.schneider-electric.com/sites/scada/en/login/historian-vulnerability.page
US Government Resource x_refsource_misc
http://www.us-cert.gov/control_systems/pdf/ICSA-11-307-01.pdf
Various Sources x_refsource_confirm
http://www.citect.com/index.php?option=com_content&view=article&id=1656&Itemid=1695
Scores
EPSS
0.0051
EPSS Percentile
66.4%
Details
CWE
CWE-22
Status
published
Products (8)
schneider-electric/citecthistorian
4.20
schneider-electric/citecthistorian
< 4.30
schneider-electric/citectscada_reports
4.0
schneider-electric/citectscada_reports
< 4.10
schneider-electric/vijeo_historian
4.0
schneider-electric/vijeo_historian
4.10
schneider-electric/vijeo_historian
4.20
schneider-electric/vijeo_historian
< 4.30
Published
Dec 02, 2011
Tracked Since
Feb 18, 2026