CVE-2017-5178

An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence Versions 2014R3 and prior. These versions contain a system account that is installed by default. The default system account is difficult to configure with non-default credentials...

Default credentials

An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence Versions 2014R3 and prior. These versions contain a system account that is installed by default. The default system account is difficult to configure with non-default credentials...

CVE-2017-5178

An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence Versions 2014R3 and prior. These versions contain a system account that is installed by default. The default system account is difficult to configure with non-default credentials...

CVE-2017-5178

Schneider Electric Wonderware Intelligence embeds Tableau Server/Desktop (versions 7.0–10.1.3 in 2014R3 and earlier) and suffers a default system account credential issue. Under local authentication (not AD-integrated), the default system account can be used to gain unauthorized access; Windows I...

CVE-2017-5178

An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in Wonderware Intelligence Versions 2014R3 and prior. These versions contain a system account that is installed by default. The default system account is difficult to configure with non-default credentials...

ICSA-17-066-01_Schneider Electric Wonderware Intelligence

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Schneider Electric Equipment: Wonderware Intelligence Vulnerability: Credentials Management AFFECTED PRODUCTS The following versions of Wonderware Intelligence, an operations management software, are affected: Tableau...

Critical Infrastructure Continues to Patch Heartbleed

Unified Automation issued a security advisory warning that its OPC UA software developers kit SDK for Windows contains the OpenSSL cryptography library that is vulnerable to Heartbleed. Schneider Electric, another industrial control system ICS manufacturer, posted its own advisory with mitigation...

Schneider Electric Wonderware Intelligence Security Patch for OpenSSL Vulnerability

OVERVIEW Schneider Electric Wonderware’s Cyber Security Team has identified an OpenSSL Heartbleed vulnerability in the Wonderware Intelligence application, caused by a third-party component. Schneider Electric Wonderware has produced a patch that mitigates this vulnerability. This vulnerability...