Added: 03/14/2016
CVE: CVE-2016-2278
The Schneider Electric StruxureWare Building Operation software suite provides integrated monitoring, control, and management of energy, HVAC, lighting and fire safety. The Automation Server is a building automation system for small and medium-sized buildings.
A vulnerability in the Automation Server product allows remote, authenticated users to bypass the **msh** (minimal shell) restrictions and execute arbitrary operating system commands. This vulnerability can be exploited using the default admin account if the password has not been changed.
See SEVD-2016-025-01 for fix information.
<https://ics-cert.us-cert.gov/advisories/ICSA-16-061-01>
<https://www.exploit-db.com/exploits/39522/>
Exploit works on Automation Server 1.7 and earlier if the default admin password has not been changed.
Linux