Schneider Patches Ampla MES Holes

Friday, July 7, 2017 @ 05:07 PM gHale


Schneider Electric released a new software version to mitigate cleartext transmission of sensitive information and inadequate encryption strength vulnerabilities in its Ampla MES, according to a report from ICS-CERT.

Schneider Electric said the vulnerabilities, discovered by Ilya Karpov of Positive Technologies, who reported them directly to Schneider, affect Ampla MES versions 6.4 and prior.

Successful exploitation of these vulnerabilities could compromise credentials used to connect to third-party databases or compromise credentials of Ampla users configured with Simple Security.

No known public exploits specifically target these vulnerabilities. However, an attacker with low skill level could leverage the vulnerabilities.

Ampla MES provides the capability to interact with data from third-party databases. When connectivity to those databases is configured to use a SQL user name and password, an attacker may be able to sniff details from the connection string.

Note that when the third-party database connectivity is configured with Windows Integrated Security rather than a SQL user name and password, the software is not vulnerable.
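To find which database connections fall into the affected configuration, an inventory of connection strings can be sorted into those using Windows Integrated Security and those carrying a SQL user name and password. The following is an added example, not code from Schneider Electric or the advisory; it assumes ADO.NET SqlClient-style `key=value;` connection strings (the page does not say how Ampla stores them), and the sample strings are constructed.

```python
import re

# Key synonyms accepted in ADO.NET SqlClient connection strings.
INTEGRATED_KEYS = {"integrated security", "trusted_connection"}
CREDENTIAL_KEYS = {"user id", "uid", "user", "password", "pwd"}
TRUE_VALUES = {"true", "yes", "sspi"}

# key=value pairs separated by ';'; a quoted value may itself contain ';'.
_PAIR = re.compile(r"""\s*([^=;]+?)\s*=\s*("(?:[^"]|"")*"|'(?:[^']|'')*'|[^;]*)""")

def parse_connection_string(conn):
    """Return a dict mapping lower-cased keys to unquoted values."""
    fields = {}
    for key, value in _PAIR.findall(conn):
        value = value.strip()
        if len(value) >= 2 and value[0] == value[-1] and value[0] in "\"'":
            quote = value[0]
            value = value[1:-1].replace(quote * 2, quote)
        fields[key.lower()] = value
    return fields

def classify(conn):
    """'integrated', 'sql-credentials' or 'unknown' for one connection string."""
    fields = parse_connection_string(conn)
    # SqlClient ignores User ID/Password when integrated security is enabled,
    # so that setting takes precedence over any credentials also present.
    if any(fields.get(k, "").lower() in TRUE_VALUES for k in INTEGRATED_KEYS):
        return "integrated"
    if any(k in fields for k in CREDENTIAL_KEYS):
        return "sql-credentials"
    return "unknown"

def needs_review(inventory):
    """Names of connections that carry a SQL user name and/or password."""
    return sorted(n for n, c in inventory.items() if classify(c) == "sql-credentials")

# Constructed sample inventory (hypothetical names, hosts and credentials).
SAMPLES = {
    "historian": "Server=db01;Database=Hist;User ID=ampla_reader;Password='p;w';",
    "erp": "Data Source=db02;Initial Catalog=ERP;Integrated Security=SSPI",
    "lims": "Server=db03; Trusted_Connection=Yes; UID=old; PWD=unused",
    "lab": "server=db04;database=Lab;uid=lab;pwd=x",
    "bare": "Server=db05;Database=Misc",
}

if __name__ == "__main__":
    for name in needs_review(SAMPLES):
        print(f"{name}: SQL user name/password in connection string")
```

Connections it reports are the ones to move to Windows Integrated Security or to cover by the upgrade to version 6.5.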

CVE-2017-9637 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 6.7.

In addition, Ampla MES provides the capability to configure users and their privileges. When Ampla MES users are configured to use Simple Security, a weakness in the password hashing algorithm could be exploited to reverse the user’s password.

Note that when Ampla MES is configured to use Windows Integrated Security rather than Simple Security, the software is not vulnerable.

CVE-2017-9635 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 4.2.

The product is used in the critical manufacturing and water and wastewater systems sectors, on a global basis.

Paris, France-based Schneider Electric recommends that users of Ampla MES versions 6.4 and prior upgrade to Ampla MES version 6.5 as soon as possible. Software updates can be downloaded from Schneider Electric’s Ampla Support “Shopping Kiosk” area or from this link.

For more information, users of affected products can read Schneider Electric’s Ampla Security Bulletin LFSEC00000118.
