Schneider Patches InTouch Buffer Overflow

Friday, January 9, 2015 @ 01:01 PM gHale


Schneider Electric Wonderware mitigated a stack-based buffer overflow vulnerability in its InTouch Access Anywhere Server product, according to a report on ICS-CERT.

The following Wonderware InTouch Access Anywhere Server versions suffer from the remotely exploitable issue:
• InTouch Access Anywhere Server, Version 10.6
• InTouch Access Anywhere Server, Version 11.0


Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the server.

Schneider Electric’s corporate headquarters is in Paris, France, and it maintains offices in more than 100 countries worldwide.

The affected product, Wonderware InTouch Access Anywhere Server, provides access to InTouch applications through a web browser, so it is a network-facing component of the HMI deployment. According to Schneider Electric, the product sees use across several sectors, including chemical, critical manufacturing, energy, food and agriculture, and water and wastewater systems, and it is deployed globally.

An attacker could trigger the stack-based buffer overflow simply by requesting a nonexistent file; the fault lies in how the server handles the requested path, not in any file content, and a crafted request may enable execution of arbitrary code.
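The bug class the advisory describes is easiest to see side by side with its fix. The following is an added example, not Wonderware code and not the vendor's actual defect: a hypothetical "404 Not Found" responder that formats the attacker-controlled request path into a fixed-size stack buffer, beside a bounded version that rejects over-long paths and checks the snprintf result. The buffer size, header name and functions are all assumptions made for the illustration.

```c
/* Added example: unbounded vs. bounded "file not found" response builder.
 * Hypothetical code illustrating the advisory's bug class; NOT the product's code. */
#include <stdio.h>
#include <string.h>

#define MSG_MAX 96   /* assumed size of the fixed stack buffer */

/* Vulnerable pattern: the request path is formatted into a fixed-size stack
 * buffer with no length check. A path longer than the buffer runs past msg[]
 * and overwrites whatever follows it on the stack (saved registers, return
 * address). Only ever call this with a short path; with a ~200-byte path it
 * smashes the stack. */
void not_found_unbounded(const char *path, char *out, size_t out_len)
{
    char msg[MSG_MAX];
    /* No bound on %s: the caller controls how much is written. */
    sprintf(msg, "HTTP/1.1 404 Not Found\r\nX-Missing: %s\r\n\r\n", path);
    strncpy(out, msg, out_len - 1);
    out[out_len - 1] = '\0';
}

/* Hardened version. Rejects the request up front if the path is longer than
 * the budget or contains a traversal sequence, formats with snprintf, and
 * treats a truncated result as an error rather than silently sending it.
 * Returns 0 on success, -1 if the request was rejected. out is always
 * NUL-terminated on return. */
int not_found_bounded(const char *path, char *out, size_t out_len)
{
    if (out_len == 0) return -1;
    out[0] = '\0';

    /* Bounded scan: if no NUL within MSG_MAX bytes, the path is too long.
     * memchr is used instead of strlen so an unterminated input is never
     * walked past the budget. */
    if (memchr(path, '\0', MSG_MAX) == NULL) return -1;
    if (strstr(path, "..") != NULL) return -1;   /* reject traversal */

    int n = snprintf(out, out_len,
                     "HTTP/1.1 404 Not Found\r\nX-Missing: %s\r\n\r\n", path);
    if (n < 0 || (size_t)n >= out_len) {   /* error or would have truncated */
        out[0] = '\0';
        return -1;
    }
    return 0;
}

int main(void)
{
    char resp[256];

    /* Safe input: both versions behave the same. */
    not_found_unbounded("/missing.html", resp, sizeof resp);
    printf("unbounded, short path:\n%s", resp);

    /* Constructed hostile input: 200 'A's, far beyond MSG_MAX. */
    char longpath[201];
    memset(longpath, 'A', 200);
    longpath[200] = '\0';

    /* The bounded version rejects it; the unbounded one would overflow msg[]. */
    int rc = not_found_bounded(longpath, resp, sizeof resp);
    printf("bounded, 200-byte path: rc=%d (rejected)\n", rc);

    rc = not_found_bounded("/missing.html", resp, sizeof resp);
    printf("bounded, short path: rc=%d\n%s", rc, resp);
    return 0;
}
```

The check that matters is the one the vulnerable version lacks: an upper bound on attacker-controlled length before it reaches a fixed-size stack buffer. A stack canary or ASLR on the host would raise the bar for turning the overflow into code execution but would not remove the bug, which is why the advisory's fix is a vendor patch rather than a configuration change.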

The vulnerability has been assigned CVE-2014-9190 and carries a CVSS v2 base score of 10.0, the maximum, reflecting a remotely exploitable flaw that needs no authentication and yields complete loss of confidentiality, integrity and availability.

No known public exploits specifically target this vulnerability; however, an attacker with a low skill level would be able to exploit it.

Schneider Electric released a security update that mitigates the stack-based buffer overflow in Wonderware's InTouch Access Anywhere Server, Versions 10.6 and 11.0. The updates for Version 10.6 and Version 11.0 are available from Schneider Electric's support site to users with an account.

Schneider Electric also published a security bulletin, InTouch Access Anywhere Server LFSEC00000104, announcing the update; the bulletin is likewise available to users with a support account.
