Vulnerabilities Threats

English Russian Japanese LatAm Türkiye Brasil France Český Deutschland

KLA10508
Multiple vulnerabilities in Schneider Electric products

Updated: 06/03/2020
Detect date
?
 03/29/2015
Severity
?
 Warning
Description

Multiple serious vulnerabilities have been found in Schneider Electric products. Malicious users can exploit these vulnerabilities to obtain sensitive information orbypass security restrictions.

Below is a complete list of vulnerabilities

  1. Improper credentials storing and transmitting can be exploited locally via file manipulations or network sniffing;
  2. Publication list of usernames can be exploited remotely via conducting brute-force attack.
Affected products

Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4
Schneider Electric InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4
Solution

Update to the latest version
Original advisories

SE bulletin
SE bulletin
Impacts
?
OSI 
[?]

SB 
[?]
Related products
 InduSoft Web Studio
CVE-IDS
?
CVE-2015-09962.1Warning
CVE-2015-09992.1Warning
CVE-2015-09975.0Critical
CVE-2015-09983.3Warning
Find out the statistics of the vulnerabilities spreading in your region
© 2021 AO Kaspersky Lab. All Rights Reserved.
Privacy Policy

Up