Schneider Electric has become aware of a VxWorks TCP Initial Sequence Vulnerability in the SAGE RTU product line which could result in remote man-in-the-middle or denial-of-service exploitation.


Please browse the following link to learn the details of this vulnerability in the Schneider Electric SAGE RTU product line.


http://www.schneider-electric.com/ww/en/download/document/SEVD-2015-162-01


Further information about the vulnerability in VxWorks is available here:


https://ics-cert.us-cert.gov/advisories/ICSA-15-169-01