Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

ICS/OT

Schneider Electric Patches Flaws in ClearSCADA, Wonderware Products

Schneider Electric has released patches to address critical and high severity vulnerabilities in its StruxureWare SCADA Expert ClearSCADA and Wonderware Intelligence products, ICS-CERT informed organizations last week.

Schneider Electric has released patches to address critical and high severity vulnerabilities in its StruxureWare SCADA Expert ClearSCADA and Wonderware Intelligence products, ICS-CERT informed organizations last week.

According to advisories released by both ICS-CERT and Schneider Electric, the ClearSCADA product is affected by a high severity flaw (CVE-2017-6021) that allows an attacker on the network to crash the ClearSCADA server process and communications driver by sending a specially crafted request.

The security hole, discovered by researchers at Kaspersky Lab, affects all supported versions of the SCADA product, including ClearSCADA 2014 R1 (build 75.5210), 2014 R1.1 (build 75.5387), 2015 R1 (build 76.5648) and 2015 R2 (build 77.5882).

Service packs or hotfixes were released for versions 2014 R1.1 (build 75.6239), 2015 R1.1 (build 76.6191) and 2015 R2 (build 77.6181) in December and January. Users of ClearSCADA 2013 R2 and earlier versions have been advised to update to 2015 R2.

Learn More at the 2017 Singapore ICS Cyber Security Conference

A separate advisory describes a critical severity credentials management issue (CVE-2017-5178) affecting the Tableau Server analytics software optionally available in the Wonderware Intelligence solution.

The Tableau Server software includes a default account that is not easy to configure after installation. ICS-CERT said the process of changing the default credentials for Tableau Server is not documented.

The account in question has administrative privileges, allowing an attacker to leverage it to take control of the host machine, the vendor warned.

Advertisement. Scroll to continue reading.

Schneider has advised all organizations that use Wonderware Intelligence with Tableau Server versions 7.0 through 10.1.3 to update both the Tableau Server and Tableau Client (Desktop) components to version 10.1.4. It’s worth noting that only installations configured for local authentication are affected by the flaw; installations that use Active Directory are not impacted.

These are not the only vulnerabilities patched by Schneider this year. The company has also addressed security holes in homeLYnk, Wonderware Historian, StruxureWare Data Center Expert, and Conext Combox.

Related: Flaw in Schneider Industrial Firewalls Allows Remote Code Execution

Related: Security Firm Discloses Unpatched Flaws in Schneider HMI Product

Related: ICS Networks at Risk Due to Flaw in Schneider PLC Simulator

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Vulnerabilities

A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Vulnerabilities

Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.