Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2015-0999 (GCVE-0-2015-0999)
Vulnerability from cvelistv5
Published
2015-03-29 10:00
Modified
2024-08-06 04:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 store cleartext OPC User credentials in a configuration file, which allows local users to obtain sensitive information by reading this file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-01 | Patch, Vendor Advisory | |
| ics-cert@hq.dhs.gov | http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-02 | Patch, Vendor Advisory | |
| ics-cert@hq.dhs.gov | https://ics-cert.us-cert.gov/advisories/ICSA-15-085-01 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-01 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-02 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-15-085-01 | Third Party Advisory, US Government Resource |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:26:11.548Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-01"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-085-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 store cleartext OPC User credentials in a configuration file, which allows local users to obtain sensitive information by reading this file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-03-29T02:57:00",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-01"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-085-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2015-0999",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 store cleartext OPC User credentials in a configuration file, which allows local users to obtain sensitive information by reading this file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-01",
"refsource": "CONFIRM",
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-01"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-085-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-085-01"
},
{
"name": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-02",
"refsource": "CONFIRM",
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2015-0999",
"datePublished": "2015-03-29T10:00:00",
"dateReserved": "2015-01-10T00:00:00",
"dateUpdated": "2024-08-06T04:26:11.548Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2015-0999\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2015-03-29T10:59:08.477\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 store cleartext OPC User credentials in a configuration file, which allows local users to obtain sensitive information by reading this file.\"},{\"lang\":\"es\",\"value\":\"Schneider Electric InduSoft Web Studio anterior a 7.1.3.4 SP3 Patch 4 e InTouch Machine Edition 2014 anterior a 7.1.3.4 SP3 Patch 4 almacenan las credenciales de usuarios OPC en texto claro en un fichero de configuraci\u00f3n, lo que permite a usuarios locales obtener informaci\u00f3n sensible mediante la lectura de este fichero.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:aveva:aveva_edge:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.3.4\",\"matchCriteriaId\":\"9320F153-84EC-4722-AD6D-D24963D152CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:schneider-electric:wonderware_intouch_2014:*:*:*:*:machine:*:*:*\",\"versionEndExcluding\":\"7.1.3.4\",\"matchCriteriaId\":\"26601A30-9851-42EF-BEF7-2C50D7AE920F\"}]}]}],\"references\":[{\"url\":\"http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-01\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-02\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-15-085-01\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-02\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-15-085-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]}]}}"
}
}
icsa-15-085-01a
Vulnerability from csaf_cisa
Published
2015-12-27 07:00
Modified
2025-06-06 21:40
Summary
Schneider Electric InduSoft Web Studio and InTouch Machine Edition 2014 Vulnerabilities (Update A)
Notes
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolating them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices
CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolating them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-15-085-01A JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2015/icsa-15-085-01a.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-15-085-01A - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-15-085-01a"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
}
],
"title": "Schneider Electric InduSoft Web Studio and InTouch Machine Edition 2014 Vulnerabilities (Update A)",
"tracking": {
"current_release_date": "2025-06-06T21:40:08.191186Z",
"generator": {
"date": "2025-06-06T21:40:08.191157Z",
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-15-085-01A",
"initial_release_date": "2015-12-27T07:00:00.000000Z",
"revision_history": [
{
"date": "2015-12-27T07:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Initial Publication"
},
{
"date": "2025-06-06T21:40:08.191186Z",
"legacy_version": "CSAF Conversion",
"number": "2",
"summary": "Advisory converted into a CSAF"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=7.1.3.2",
"product": {
"name": "Schneider Electric InduSoft Web Studio: \u003c=7.1.3.2",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "InduSoft Web Studio"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=7.1.3.2",
"product": {
"name": "Schneider Electric InTouch Machine Edition 2014: \u003c=7.1.3.2",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "InTouch Machine Edition 2014"
}
],
"category": "vendor",
"name": "Schneider Electric"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-0999",
"cwe": {
"id": "CWE-319",
"name": "Cleartext Transmission of Sensitive Information"
},
"notes": [
{
"category": "summary",
"text": "Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 store cleartext OPC User credentials in a configuration file, which allows local users to obtain sensitive information by reading this file.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Schneider Electric has two divisions supporting this product under separate organizations",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Patch availability and technical information is available at these separate divisional support units",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Schneider Electric has issued separate security notices for each specific division/product support center",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "SEVD-2015-054-01 - InduSoft Web Studio",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "Schneider Electric has released patches, available for download, to remediate the noted vulnerabilities",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "The patch for InduSoft Web Studio, Version 7.1.3.4, Service Pack 3, Patch 4, is available for download using this URL: (http://www.indusoft.com/dev/INDUSOFT/Release/IWS71.3.4/IWS71.3.4.zip)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "http://www.indusoft.com/dev/INDUSOFT/Release/IWS71.3.4/IWS71.3.4.zip"
},
{
"category": "mitigation",
"details": "SEVD-2015-054-02 - InTouch Machine Edition 2014",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "This document is intended to help provide an overview of the identified vulnerability and actions required to mitigate it",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "To obtain full details on the issues and assistance on how to protect your installation, please contact your local Schneider Electric representative",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "These organizations will be fully aware of the situation and can support you through the process",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "For further information on vulnerabilities in Schneider Electric\u2019s products, please visit Schneider Electric\u2019s cybersecurity web page at: (http://www2.schneider-electric.com/sites/corporate/en/support/cybersecurity/cybersecurity.page)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "http://www2.schneider-electric.com/sites/corporate/en/support/cybersecurity/cybersecurity.page"
},
{
"category": "mitigation",
"details": "Wonderware Security Bulletin LFSEC00000108 - InTouch Machine Edition Security Vulnerability",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "This document is intended to provide an overview of the identified vulnerability and actions required to mitigate it",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "To obtain full details on the issues and assistance on how to protect your installation, please contact your Wonderware Global Custom Support representative",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "These organizations will be fully aware of the situation and can support you through the process",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "(https://gcsresource.invensys.com/support/docs/_securitybulletins/Security_bulletin_LFSEC00000108.pdf)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://gcsresource.invensys.com/support/docs/_securitybulletins/Security_bulletin_LFSEC00000108.pdf"
},
{
"category": "mitigation",
"details": "For further information on vulnerabilities in Wonderware\u2019s products, please visit Global Customer Support\u2019s Security Central web page at: (https://softwaresupportsp.invensys.com/Pages/securitycentral.aspx)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "https://softwaresupportsp.invensys.com/Pages/securitycentral.aspx"
}
],
"scores": [
{
"cvss_v2": {
"baseScore": 5.2,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:P/A:N",
"version": "2.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
}
]
}
icsa-15-085-01
Vulnerability from csaf_cisa
Published
2015-12-27 07:00
Modified
2025-06-05 22:06
Summary
Schneider Electric InduSoft Web Studio and InTouch Machine Edition 2014 Vulnerabilities
Notes
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolating them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices
CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolating them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-15-085-01 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2015/icsa-15-085-01.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-15-085-01 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-15-085-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
}
],
"title": "Schneider Electric InduSoft Web Studio and InTouch Machine Edition 2014 Vulnerabilities",
"tracking": {
"current_release_date": "2025-06-05T22:06:04.803381Z",
"generator": {
"date": "2025-06-05T22:06:04.803339Z",
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-15-085-01",
"initial_release_date": "2015-12-27T07:00:00.000000Z",
"revision_history": [
{
"date": "2015-12-27T07:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Initial Publication"
},
{
"date": "2025-06-05T22:06:04.803381Z",
"legacy_version": "CSAF Conversion",
"number": "2",
"summary": "Advisory converted into a CSAF"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=7.1.3.2",
"product": {
"name": "Schneider Electric InduSoft Web Studio: \u003c=7.1.3.2",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "InduSoft Web Studio"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=7.1.3.2",
"product": {
"name": "Schneider Electric InTouch Machine Edition 2014: \u003c=7.1.3.2",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "InTouch Machine Edition 2014"
}
],
"category": "vendor",
"name": "Schneider Electric"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-0996",
"cwe": {
"id": "CWE-798",
"name": "Use of Hard-coded Credentials"
},
"notes": [
{
"category": "summary",
"text": "Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 rely on a hardcoded cleartext password to control read access to Project files and Project Configuration files, which makes it easier for local users to obtain sensitive information by discovering this password.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Schneider Electric has two divisions supporting this product under separate organizations. Patch availability and technical information is available at these separate divisional support units. Schneider Electric has issued separate security notices for each specific division/product support center.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "SEVD-2015-054-01 \u2013 InduSoft Web Studio Schneider Electric has released patches, available for download, to remediate the noted vulnerabilities. The patch for InduSoft Web Studio, Version 7.1.3.4, Service Pack 3, Patch 4, is available for download using this URL: (http://www.indusoft.com/dev/INDUSOFT/Release/IWS71.3.4/IWS71.3.4.zip)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "http://www.indusoft.com/dev/INDUSOFT/Release/IWS71.3.4/IWS71.3.4.zip"
},
{
"category": "mitigation",
"details": "SEVD-2015-054-02 - InTouch Machine Edition 2014 This document is intended to help provide an overview of the identified vulnerability and actions required to mitigate it. To obtain full details on the issues and assistance on how to protect your installation, please contact your local Schneider Electric representative. These organizations will be fully aware of the situation and can support you through the process. For further information on vulnerabilities in Schneider Electric\u2019s products, please visit Schneider Electric\u2019s cybersecurity web page at: (http://www2.schneider-electric.com/sites/corporate/en/support/cybersecurity/cybersecurity.page)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "http://www2.schneider-electric.com/sites/corporate/en/support/cybersecurity/cybersecurity.page"
}
],
"scores": [
{
"cvss_v2": {
"baseScore": 4.7,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2015-0997",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "summary",
"text": "Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 provide an HMI user interface that lists all valid usernames, which makes it easier for remote attackers to obtain access via a brute-force password-guessing attack.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Schneider Electric has two divisions supporting this product under separate organizations. Patch availability and technical information is available at these separate divisional support units. Schneider Electric has issued separate security notices for each specific division/product support center.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "SEVD-2015-054-01 \u2013 InduSoft Web Studio Schneider Electric has released patches, available for download, to remediate the noted vulnerabilities. The patch for InduSoft Web Studio, Version 7.1.3.4, Service Pack 3, Patch 4, is available for download using this URL: (http://www.indusoft.com/dev/INDUSOFT/Release/IWS71.3.4/IWS71.3.4.zip)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "http://www.indusoft.com/dev/INDUSOFT/Release/IWS71.3.4/IWS71.3.4.zip"
},
{
"category": "mitigation",
"details": "SEVD-2015-054-02 - InTouch Machine Edition 2014 This document is intended to help provide an overview of the identified vulnerability and actions required to mitigate it. To obtain full details on the issues and assistance on how to protect your installation, please contact your local Schneider Electric representative. These organizations will be fully aware of the situation and can support you through the process. For further information on vulnerabilities in Schneider Electric\u2019s products, please visit Schneider Electric\u2019s cybersecurity web page at: (http://www2.schneider-electric.com/sites/corporate/en/support/cybersecurity/cybersecurity.page)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "http://www2.schneider-electric.com/sites/corporate/en/support/cybersecurity/cybersecurity.page"
}
],
"scores": [
{
"cvss_v2": {
"baseScore": 3.3,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2015-0998",
"cwe": {
"id": "CWE-319",
"name": "Cleartext Transmission of Sensitive Information"
},
"notes": [
{
"category": "summary",
"text": "Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 transmit cleartext credentials, which allows remote attackers to obtain sensitive information by sniffing the network.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Schneider Electric has two divisions supporting this product under separate organizations. Patch availability and technical information is available at these separate divisional support units. Schneider Electric has issued separate security notices for each specific division/product support center.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "SEVD-2015-054-01 \u2013 InduSoft Web Studio Schneider Electric has released patches, available for download, to remediate the noted vulnerabilities. The patch for InduSoft Web Studio, Version 7.1.3.4, Service Pack 3, Patch 4, is available for download using this URL: (http://www.indusoft.com/dev/INDUSOFT/Release/IWS71.3.4/IWS71.3.4.zip)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "http://www.indusoft.com/dev/INDUSOFT/Release/IWS71.3.4/IWS71.3.4.zip"
},
{
"category": "mitigation",
"details": "SEVD-2015-054-02 - InTouch Machine Edition 2014 This document is intended to help provide an overview of the identified vulnerability and actions required to mitigate it. To obtain full details on the issues and assistance on how to protect your installation, please contact your local Schneider Electric representative. These organizations will be fully aware of the situation and can support you through the process. For further information on vulnerabilities in Schneider Electric\u2019s products, please visit Schneider Electric\u2019s cybersecurity web page at: (http://www2.schneider-electric.com/sites/corporate/en/support/cybersecurity/cybersecurity.page)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "http://www2.schneider-electric.com/sites/corporate/en/support/cybersecurity/cybersecurity.page"
}
],
"scores": [
{
"cvss_v2": {
"baseScore": 3.3,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
},
{
"cve": "CVE-2015-0999",
"cwe": {
"id": "CWE-319",
"name": "Cleartext Transmission of Sensitive Information"
},
"notes": [
{
"category": "summary",
"text": "Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 store cleartext OPC User credentials in a configuration file, which allows local users to obtain sensitive information by reading this file.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Schneider Electric has two divisions supporting this product under separate organizations. Patch availability and technical information is available at these separate divisional support units. Schneider Electric has issued separate security notices for each specific division/product support center.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
]
},
{
"category": "mitigation",
"details": "SEVD-2015-054-01 \u2013 InduSoft Web Studio Schneider Electric has released patches, available for download, to remediate the noted vulnerabilities. The patch for InduSoft Web Studio, Version 7.1.3.4, Service Pack 3, Patch 4, is available for download using this URL: (http://www.indusoft.com/dev/INDUSOFT/Release/IWS71.3.4/IWS71.3.4.zip)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "http://www.indusoft.com/dev/INDUSOFT/Release/IWS71.3.4/IWS71.3.4.zip"
},
{
"category": "mitigation",
"details": "SEVD-2015-054-02 - InTouch Machine Edition 2014 This document is intended to help provide an overview of the identified vulnerability and actions required to mitigate it. To obtain full details on the issues and assistance on how to protect your installation, please contact your local Schneider Electric representative. These organizations will be fully aware of the situation and can support you through the process. For further information on vulnerabilities in Schneider Electric\u2019s products, please visit Schneider Electric\u2019s cybersecurity web page at: (http://www2.schneider-electric.com/sites/corporate/en/support/cybersecurity/cybersecurity.page)",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002"
],
"url": "http://www2.schneider-electric.com/sites/corporate/en/support/cybersecurity/cybersecurity.page"
}
],
"scores": [
{
"cvss_v2": {
"baseScore": 5.2,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:P/A:N",
"version": "2.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002"
]
}
]
}
]
}
var-201503-0064
Vulnerability from variot
Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 store cleartext OPC User credentials in a configuration file, which allows local users to obtain sensitive information by reading this file. Schneider Electric InduSoft Web Studio and InTouch Machine Edition are both embedded HMI software packages from Schneider Electric, France. Multiple Schneider Electric products are prone to a local information-disclosure vulnerability. This product provides HMI clients with read, write tag and event monitoring capabilities
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201503-0064",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wonderware intouch 2014",
"scope": "eq",
"trust": 1.2,
"vendor": "schneider electric",
"version": "7.1"
},
{
"model": "indusoft web studio",
"scope": "eq",
"trust": 1.2,
"vendor": "schneider electric",
"version": "7.1"
},
{
"model": "edge",
"scope": "lt",
"trust": 1.0,
"vendor": "aveva",
"version": "7.1.3.4"
},
{
"model": "wonderware intouch 2014",
"scope": "lt",
"trust": 1.0,
"vendor": "schneider electric",
"version": "7.1.3.4"
},
{
"model": "indusoft web studio",
"scope": "lt",
"trust": 0.8,
"vendor": "schneider electric",
"version": "7.1.3.4 sp3 patch 4"
},
{
"model": "intouch machine edition 2014",
"scope": "lt",
"trust": 0.8,
"vendor": "schneider electric",
"version": "7.1.3.4 sp3 patch 4"
},
{
"model": "electric indusoft web studio sp3 patch",
"scope": "lt",
"trust": 0.6,
"vendor": "schneider",
"version": "7.1.3.44"
},
{
"model": "electric intouch machine edition sp3 patch",
"scope": "eq",
"trust": 0.6,
"vendor": "schneider",
"version": "2014(\u003c7.1.3.44)"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "indusoft web studio",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "wonderware intouch 2014",
"version": "*"
},
{
"model": "intouch machine edition",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "20147.1.3.2"
},
{
"model": "indusoft web studio",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "7.1.3.2"
},
{
"model": "indusoft web studio sp patch",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "7.1.3.434"
}
],
"sources": [
{
"db": "IVD",
"id": "7d7f27c2-463f-11e9-8462-000c29342cb1"
},
{
"db": "IVD",
"id": "9a39670e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02056"
},
{
"db": "BID",
"id": "73389"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001996"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-618"
},
{
"db": "NVD",
"id": "CVE-2015-0999"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:schneider_electric:indusoft_web_studio",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:schneider_electric:wonderware_intouch_2014",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001996"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gleb Gritsai, Ilya Karpov, and Kirill Nesterov of Positive Technologies Security Lab and Alisa Esage Shevcheckno",
"sources": [
{
"db": "BID",
"id": "73389"
}
],
"trust": 0.3
},
"cve": "CVE-2015-0999",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2015-0999",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2015-02056",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "7d7f27c2-463f-11e9-8462-000c29342cb1",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "9a39670e-2351-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.2,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-78945",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-0999",
"trust": 1.0,
"value": "LOW"
},
{
"author": "NVD",
"id": "CVE-2015-0999",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNVD",
"id": "CNVD-2015-02056",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201503-618",
"trust": 0.6,
"value": "LOW"
},
{
"author": "IVD",
"id": "7d7f27c2-463f-11e9-8462-000c29342cb1",
"trust": 0.2,
"value": "LOW"
},
{
"author": "IVD",
"id": "9a39670e-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-78945",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "7d7f27c2-463f-11e9-8462-000c29342cb1"
},
{
"db": "IVD",
"id": "9a39670e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02056"
},
{
"db": "VULHUB",
"id": "VHN-78945"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001996"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-618"
},
{
"db": "NVD",
"id": "CVE-2015-0999"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 store cleartext OPC User credentials in a configuration file, which allows local users to obtain sensitive information by reading this file. Schneider Electric InduSoft Web Studio and InTouch Machine Edition are both embedded HMI software packages from Schneider Electric, France. Multiple Schneider Electric products are prone to a local information-disclosure vulnerability. This product provides HMI clients with read, write tag and event monitoring capabilities",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-0999"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001996"
},
{
"db": "CNVD",
"id": "CNVD-2015-02056"
},
{
"db": "BID",
"id": "73389"
},
{
"db": "IVD",
"id": "7d7f27c2-463f-11e9-8462-000c29342cb1"
},
{
"db": "IVD",
"id": "9a39670e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "VULHUB",
"id": "VHN-78945"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-0999",
"trust": 3.8
},
{
"db": "ICS CERT",
"id": "ICSA-15-085-01",
"trust": 2.8
},
{
"db": "SCHNEIDER",
"id": "SEVD-2015-054-01",
"trust": 2.3
},
{
"db": "SCHNEIDER",
"id": "SEVD-2015-054-02",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-201503-618",
"trust": 1.1
},
{
"db": "CNVD",
"id": "CNVD-2015-02056",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001996",
"trust": 0.8
},
{
"db": "BID",
"id": "73389",
"trust": 0.4
},
{
"db": "IVD",
"id": "7D7F27C2-463F-11E9-8462-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "9A39670E-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-78945",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "7d7f27c2-463f-11e9-8462-000c29342cb1"
},
{
"db": "IVD",
"id": "9a39670e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02056"
},
{
"db": "VULHUB",
"id": "VHN-78945"
},
{
"db": "BID",
"id": "73389"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001996"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-618"
},
{
"db": "NVD",
"id": "CVE-2015-0999"
}
]
},
"id": "VAR-201503-0064",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "7d7f27c2-463f-11e9-8462-000c29342cb1"
},
{
"db": "IVD",
"id": "9a39670e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02056"
},
{
"db": "VULHUB",
"id": "VHN-78945"
}
],
"trust": 1.8657392000000002
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 1.0
}
],
"sources": [
{
"db": "IVD",
"id": "7d7f27c2-463f-11e9-8462-000c29342cb1"
},
{
"db": "IVD",
"id": "9a39670e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02056"
}
]
},
"last_update_date": "2024-11-23T22:01:52.798000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "InduSoft Web Studio Vulnerabilities",
"trust": 0.8,
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-01"
},
{
"title": "InTouch Machine Edition 2014 Vulnerabilities",
"trust": 0.8,
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-02"
},
{
"title": "Patch for Schneider Electric InduSoft Web Studio and InTouch Machine Edition Information Disclosure Vulnerability (CNVD-2015-02056)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/56788"
},
{
"title": "IWS71.3.4",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=54647"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-02056"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001996"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-618"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-78945"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001996"
},
{
"db": "NVD",
"id": "CVE-2015-0999"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-085-01"
},
{
"trust": 2.3,
"url": "http://download.schneider-electric.com/files?p_doc_ref=sevd-2015-054-01"
},
{
"trust": 1.7,
"url": "http://download.schneider-electric.com/files?p_doc_ref=sevd-2015-054-02"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0999"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0999"
},
{
"trust": 0.3,
"url": "http://www.schneider-electric.com/site/home/index.cfm/ww/?selectcountry=true"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-02056"
},
{
"db": "VULHUB",
"id": "VHN-78945"
},
{
"db": "BID",
"id": "73389"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001996"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-618"
},
{
"db": "NVD",
"id": "CVE-2015-0999"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "7d7f27c2-463f-11e9-8462-000c29342cb1"
},
{
"db": "IVD",
"id": "9a39670e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2015-02056"
},
{
"db": "VULHUB",
"id": "VHN-78945"
},
{
"db": "BID",
"id": "73389"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-001996"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-618"
},
{
"db": "NVD",
"id": "CVE-2015-0999"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-03-31T00:00:00",
"db": "IVD",
"id": "7d7f27c2-463f-11e9-8462-000c29342cb1"
},
{
"date": "2015-03-31T00:00:00",
"db": "IVD",
"id": "9a39670e-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2015-03-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-02056"
},
{
"date": "2015-03-29T00:00:00",
"db": "VULHUB",
"id": "VHN-78945"
},
{
"date": "2015-03-26T00:00:00",
"db": "BID",
"id": "73389"
},
{
"date": "2015-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001996"
},
{
"date": "2015-03-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201503-618"
},
{
"date": "2015-03-29T10:59:08.477000",
"db": "NVD",
"id": "CVE-2015-0999"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-03-31T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-02056"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-78945"
},
{
"date": "2015-03-26T00:00:00",
"db": "BID",
"id": "73389"
},
{
"date": "2015-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-001996"
},
{
"date": "2021-05-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201503-618"
},
{
"date": "2024-11-21T02:24:06.687000",
"db": "NVD",
"id": "CVE-2015-0999"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "73389"
},
{
"db": "CNNVD",
"id": "CNNVD-201503-618"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Schneider Electric InduSoft Web Studio Vulnerability in which important information is obtained",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-001996"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201503-618"
}
],
"trust": 0.6
}
}
fkie_cve-2015-0999
Vulnerability from fkie_nvd
Published
2015-03-29 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 store cleartext OPC User credentials in a configuration file, which allows local users to obtain sensitive information by reading this file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-01 | Patch, Vendor Advisory | |
| ics-cert@hq.dhs.gov | http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-02 | Patch, Vendor Advisory | |
| ics-cert@hq.dhs.gov | https://ics-cert.us-cert.gov/advisories/ICSA-15-085-01 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-01 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-02 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-15-085-01 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| aveva | aveva_edge | * | |
| schneider-electric | wonderware_intouch_2014 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:aveva:aveva_edge:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9320F153-84EC-4722-AD6D-D24963D152CD",
"versionEndExcluding": "7.1.3.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:schneider-electric:wonderware_intouch_2014:*:*:*:*:machine:*:*:*",
"matchCriteriaId": "26601A30-9851-42EF-BEF7-2C50D7AE920F",
"versionEndExcluding": "7.1.3.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 store cleartext OPC User credentials in a configuration file, which allows local users to obtain sensitive information by reading this file."
},
{
"lang": "es",
"value": "Schneider Electric InduSoft Web Studio anterior a 7.1.3.4 SP3 Patch 4 e InTouch Machine Edition 2014 anterior a 7.1.3.4 SP3 Patch 4 almacenan las credenciales de usuarios OPC en texto claro en un fichero de configuraci\u00f3n, lo que permite a usuarios locales obtener informaci\u00f3n sensible mediante la lectura de este fichero."
}
],
"id": "CVE-2015-0999",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-03-29T10:59:08.477",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-01"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-02"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-085-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-085-01"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
ghsa-w5xj-jgc6-7cv5
Vulnerability from github
Published
2022-05-13 01:10
Modified
2022-05-13 01:10
VLAI Severity ?
Details
Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 store cleartext OPC User credentials in a configuration file, which allows local users to obtain sensitive information by reading this file.
{
"affected": [],
"aliases": [
"CVE-2015-0999"
],
"database_specific": {
"cwe_ids": [
"CWE-200"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2015-03-29T10:59:00Z",
"severity": "LOW"
},
"details": "Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 store cleartext OPC User credentials in a configuration file, which allows local users to obtain sensitive information by reading this file.",
"id": "GHSA-w5xj-jgc6-7cv5",
"modified": "2022-05-13T01:10:05Z",
"published": "2022-05-13T01:10:05Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0999"
},
{
"type": "WEB",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-085-01"
},
{
"type": "WEB",
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-01"
},
{
"type": "WEB",
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-02"
}
],
"schema_version": "1.4.0",
"severity": []
}
cnvd-2015-02056
Vulnerability from cnvd
Title: Schneider Electric InduSoft Web Studio和InTouch Machine Edition信息泄露漏洞(CNVD-2015-02056)
Description:
Schneider Electric InduSoft Web Studio和InTouch Machine Edition都是法国施耐德电气(Schneider Electric)公司的一个嵌入式HMI软件包。
Schneider Electric InduSoft Web Studio 7.1.3.4 SP3 Patch 4之前版本和InTouch Machine Edition 2014 7.1.3.4 SP3 Patch 4之前版本中存在安全漏洞,该漏洞源于配置文件中存储明文的OPC用户证书。本地攻击者可通过读取文件利用该漏洞获取敏感信息。
Severity: 低
Patch Name: Schneider Electric InduSoft Web Studio和InTouch Machine Edition信息泄露漏洞(CNVD-2015-02056)的补丁
Patch Description:
Schneider Electric InduSoft Web Studio和InTouch Machine Edition都是法国施耐德电气(Schneider Electric)公司的一个嵌入式HMI软件包。 Schneider Electric InduSoft Web Studio 7.1.3.4 SP3 Patch 4之前版本和InTouch Machine Edition 2014 7.1.3.4 SP3 Patch 4之前版本中存在安全漏洞,该漏洞源于配置文件中存储明文的OPC用户证书。本地攻击者可通过读取文件利用该漏洞获取敏感信息。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description:
目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接: http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-02 http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-01
Reference: http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-01
Impacted products
| Name | ['Schneider Electric InduSoft Web Studio <7.1.3.4 SP3 Patch 4', 'Schneider Electric InTouch Machine Edition 2014(<7.1.3.4 SP3 Patch 4)'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2015-0999"
}
},
"description": "Schneider Electric InduSoft Web Studio\u548cInTouch Machine Edition\u90fd\u662f\u6cd5\u56fd\u65bd\u8010\u5fb7\u7535\u6c14\uff08Schneider Electric\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u5d4c\u5165\u5f0fHMI\u8f6f\u4ef6\u5305\u3002\r\n\r\nSchneider Electric InduSoft Web Studio 7.1.3.4 SP3 Patch 4\u4e4b\u524d\u7248\u672c\u548cInTouch Machine Edition 2014 7.1.3.4 SP3 Patch 4\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u914d\u7f6e\u6587\u4ef6\u4e2d\u5b58\u50a8\u660e\u6587\u7684OPC\u7528\u6237\u8bc1\u4e66\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u8bfb\u53d6\u6587\u4ef6\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002",
"discovererName": "Schneider Electric",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttp://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-02\r\nhttp://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-01",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2015-02056",
"openTime": "2015-03-31",
"patchDescription": "Schneider Electric InduSoft Web Studio\u548cInTouch Machine Edition\u90fd\u662f\u6cd5\u56fd\u65bd\u8010\u5fb7\u7535\u6c14\uff08Schneider Electric\uff09\u516c\u53f8\u7684\u4e00\u4e2a\u5d4c\u5165\u5f0fHMI\u8f6f\u4ef6\u5305\u3002\r\nSchneider Electric InduSoft Web Studio 7.1.3.4 SP3 Patch 4\u4e4b\u524d\u7248\u672c\u548cInTouch Machine Edition 2014 7.1.3.4 SP3 Patch 4\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u914d\u7f6e\u6587\u4ef6\u4e2d\u5b58\u50a8\u660e\u6587\u7684OPC\u7528\u6237\u8bc1\u4e66\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u8bfb\u53d6\u6587\u4ef6\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Schneider Electric InduSoft Web Studio\u548cInTouch Machine Edition\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2015-02056\uff09\u7684\u8865\u4e01",
"products": {
"product": [
"Schneider Electric InduSoft Web Studio \u003c7.1.3.4 SP3 Patch 4",
"Schneider Electric InTouch Machine Edition 2014(\u003c7.1.3.4 SP3 Patch 4)"
]
},
"referenceLink": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-01",
"serverity": "\u4f4e",
"submitTime": "2015-03-30",
"title": "Schneider Electric InduSoft Web Studio\u548cInTouch Machine Edition\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2015-02056\uff09"
}
gsd-2015-0999
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 store cleartext OPC User credentials in a configuration file, which allows local users to obtain sensitive information by reading this file.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2015-0999",
"description": "Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 store cleartext OPC User credentials in a configuration file, which allows local users to obtain sensitive information by reading this file.",
"id": "GSD-2015-0999"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2015-0999"
],
"details": "Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 store cleartext OPC User credentials in a configuration file, which allows local users to obtain sensitive information by reading this file.",
"id": "GSD-2015-0999",
"modified": "2023-12-13T01:19:58.285684Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2015-0999",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 store cleartext OPC User credentials in a configuration file, which allows local users to obtain sensitive information by reading this file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-01",
"refsource": "CONFIRM",
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-01"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-085-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-085-01"
},
{
"name": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-02",
"refsource": "CONFIRM",
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-02"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:aveva:aveva_edge:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.1.3.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:wonderware_intouch_2014:*:*:*:*:machine:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.1.3.4",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2015-0999"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 store cleartext OPC User credentials in a configuration file, which allows local users to obtain sensitive information by reading this file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-085-01",
"refsource": "MISC",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-085-01"
},
{
"name": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-02",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-02"
},
{
"name": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-01",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-054-01"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2021-05-14T15:23Z",
"publishedDate": "2015-03-29T10:59Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…