Several Schneider Electric Wonderware products are plagued by a high severity vulnerability that can be exploited for arbitrary code execution.
The Wonderware System Platform is an industrial operating system designed to provide services for configuration, communication, deployment, data connectivity, HMI, historization, and people collaboration. The solution is used by organizations across the world in industries such as manufacturing, food and beverage, energy, chemical, and water and wastewater.
According to advisories published by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) and Schneider Electric, the Wonderware System Platform is affected by a DLL hijacking (fixed search path / binary planting) vulnerability. An attacker who can convince a local user to load a maliciously crafted DLL file can exploit the flaw for arbitrary code execution.
“Crafting a working exploit for this vulnerability would be difficult. Social engineering is required to convince the user to accept the malicious file. This decreases the likelihood of a successful exploit,” ICS-CERT noted.
The security hole affects Wonderware InTouch, AppServer, Historian, and SuiteLink applications running version 2014 R2 and prior of the Wonderware System Platform.
The vulnerability, discovered and reported by Ivan Sanchez of WiseSecurity Team, has been assigned a CVSS score of 7.2 and the CVE identifier CVE-2015-3940. The bug has been patched with the release of Wonderware System Platform 2014 R2 P01.
Schneider’s advisory contains instructions on how to apply the patch, and recommendations for organizations that are unable to upgrade to the latest version.
The company has also informed customers of a cross-site scripting (XSS) vulnerability in PowerChute Business Edition Agent 9.0.3. The security bug will be addressed in the next PowerChute Business Edition release, but Schneider Electric has pointed out that the issue does not impact the 9.1.1 and 9.2 versions.
Until a patch becomes available, customers are advised to use web browsers that have XSS filters enabled by default, and ensure that the application is running on a private or secure network.
Related: Learn More At the ICS Cyber Security Conference
Related: Critical Vulnerability Fixed in Schneider Electric Wonderware Product
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- Critical Baicells Device Vulnerability Can Expose Telecoms Networks to Snooping
- SecurityWeek Analysis: Over 450 Cybersecurity M&A Deals Announced in 2022
- VMware ESXi Servers Targeted in Ransomware Attack via Old Vulnerability
- High-Severity Privilege Escalation Vulnerability Patched in VMware Workstation
- GoAnywhere MFT Users Warned of Zero-Day Exploit
- UK Car Retailer Arnold Clark Hit by Ransomware
- EV Charging Management System Vulnerabilities Allow Disruption, Energy Theft
- Unpatched Econolite Traffic Controller Vulnerabilities Allow Remote Hacking
Latest News
- Comcast Wants a Slice of the Enterprise Cybersecurity Business
- Critical Baicells Device Vulnerability Can Expose Telecoms Networks to Snooping
- New York Attorney General Fines Vendor for Illegally Promoting Spyware
- SecurityWeek Analysis: Over 450 Cybersecurity M&A Deals Announced in 2022
- 20 Million Users Impacted by Data Breach at Instant Checkmate, TruthFinder
- Cyber Insights 2023 | Zero Trust and Identity and Access Management
- Cyber Insights 2023 | The Coming of Web3
- European Police Arrest 42 After Cracking Covert App
