Schneider Electric Wonderware InduSoft Web Studio 8.0 Patch 3 Insecure Permissions

`Vendor: Schneider Electric  
Equipment: Wonderware InduSoft Web Studio  
Vulnerability: Incorrect Default Permissions  
Advisory URL:  
https://ipositivesecurity.com/2017/05/19/ics-schneider-electric-wonderware-indusoft-web-studio-privilege-escalation/  
  
ICS-CERT Advisory  
https://ics-cert.us-cert.gov/advisories/ICSA-17-138-02  
  
------------------------  
AFFECTED PRODUCTS  
------------------------  
The following versions of Schneider Electricas Wondeware InduSoft Web  
Studio are affected:  
  
Wonderware InduSoft Web Studio v8.0 Patch 3 and prior versions.  
  
------------------------  
IMPACT  
------------------------  
Successful exploitation of this vulnerability could allow an authenticated  
user to escalate his or her privileges.  
  
------------------------  
VULNERABILITY OVERVIEW  
------------------------  
  
INCORRECT DEFAULT PERMISSIONS CWE-276  
Upon installation, Wonderware InduSoft Web Studio creates a new directory  
and two files, which are placed in the systemas path and can be manipulated  
by non-administrators. This could allow an authenticated user to escalate  
his or her privileges.  
  
The directory and files are added to systemas PATH. Therefore, the  
following can be manipulated by non-administrator users:  
  
aC/ File C:\Bin\x86\aahClientManaged.dll has weak permissions: ALLOW NT  
AUTHORITY\Authenticated Users: FILE_WRITE_DATA FILE_APPEND_DATA DELETE  
aC/ File C:\Bin\x86\ has weak permissions: ALLOW NT AUTHORITY\Authenticated  
Users: FILE_ADD_FILE FILE_ADD_SUBDIRECTORY FILE_WRITE_EA  
FILE_WRITE_ATTRIBUTES DELETE  
  
CVE-2017-7968 has been assigned to this vulnerability. A CVSS v3 base score  
of 7.3 has been assigned; the CVSS vector string is  
(AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H).  
  
+++++  
  
  
`