KLA10508Multiple vulnerabilities in Schneider Electric products

2015-03-29T00:00:00
ID KLA10508
Type kaspersky
Reporter Kaspersky Lab
Modified 2019-03-07T00:00:00

Description

Detect date:

03/29/2015

Severity:

Warning

Description:

Multiple serious vulnerabilities have been found in Schneider Electric products. Malicious users can exploit these vulnerabilities to obtain sensitive information orbypass security restrictions.

Affected products:

Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4
Schneider Electric InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4

Solution:

Update to the latest version

Original advisories:

SE bulletin
SE bulletin

Impacts:

OSI

Related products:

InduSoft Web Studio

CVE-IDS:

CVE-2015-09962.1Warning
CVE-2015-09992.1Warning
CVE-2015-09975.0Warning
CVE-2015-09983.3Warning