CVE-2018-8840
https://notcve.org/view.php?id=CVE-2018-8840
A remote attacker could send a carefully crafted packet in InduSoft Web Studio v8.1 and prior versions, and/or InTouch Machine Edition 2017 v8.1 and prior versions during a tag, alarm, or event related action such as read and write, which may allow remote code execution. Un atacante remoto podría enviar un paquete cuidadosamente manipulado en InduSoft Web Studio, en versiones 8.1 y anteriores, y/o en InTouch Machine Edition 2017, en versiones 8.1 y anteriores, durante una acción relacionada con una etiqueta, alarma o evento como la lectura o escritura. Esto podría permitir la ejecución remota de código. • http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000125 http://www.securityfocus.com/bid/103949 https://ics-cert.us-cert.gov/advisories/ICSA-18-107-01 https://www.tenable.com/security/research/tra-2018-07 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVE-2015-7375
https://notcve.org/view.php?id=CVE-2015-7375
Schneider Electric InduSoft Web Studio before 8.0 allows remote attackers to execute arbitrary code or cause a denial of service (unhandled runtime exception and application crash) via a crafted Indusoft Project file. Vulnerabilidad en Schneider Electric InduSoft Web Studio en versiones anteriores a 8.0, permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (excepción de tiempo de ejecución no manejada y caída de la aplicación) a través de un archivo Indusoft Project. • http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-251-01 • CWE-20: Improper Input Validation •
CVE-2015-7374 – InduSoft Web Studio Remote Agent Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-7374
The Remote Agent component in Schneider Electric InduSoft Web Studio before 8.0 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-2649. Vulnerabilidad en el componente Remote Agent en Schneider Electric InduSoft Web Studio en versiones anteriores a 8.0, permite a atacantes remotos ejecutar código arbitrario a través de vectores no especificados, también conocida como ZDI-CAN-2649. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of InduSoft WebStudio. User interaction is not required to exploit this vulnerability. The specific flaw exists within the Remote Agent service listening on TCP port 1234. The issue lies in the lack of authentication, allowing attackers to execute remote API calls on the service. • http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-251-01 http://www.zerodayinitiative.com/advisories/ZDI-15-451 • CWE-20: Improper Input Validation •
CVE-2015-1009
https://notcve.org/view.php?id=CVE-2015-1009
Schneider Electric InduSoft Web Studio before 7.1.3.5 Patch 5 and Wonderware InTouch Machine Edition through 7.1 SP3 Patch 4 use cleartext for project-window password storage, which allows local users to obtain sensitive information by reading a file. Vulnerabilidad en Schneider Electric InduSoft Web Studio en versiones anteriores a 7.1.3.5 Patch 5 y Wonderware InTouch Machine Edition hasta la versión 7.1 SP3 Patch 4, utiliza almacenamiento de contraseñas en texto plano para project-window, lo que permite a usuarios locales obtener información sensible mediante la lectura de un archivo. • http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-100-01 https://gcsresource.invensys.com/support/docs/_securitybulletins/Security_bulletin_LFSEC00000110.pdf https://ics-cert.us-cert.gov/advisories/ICSA-15-211-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2014-0780 – InduSoft Web Studio NTWebServer Directory Traversal Vulnerability
https://notcve.org/view.php?id=CVE-2014-0780
Directory traversal vulnerability in NTWebServer in InduSoft Web Studio 7.1 before SP2 Patch 4 allows remote attackers to read administrative passwords in APP files, and consequently execute arbitrary code, via unspecified web requests. Vulnerabilidad de salto de directorio en NTWebServer en InduSoft Web Studio 7.1 anterior a SP2 Patch 4 permite a a atacantes remotos leer contraseñas de autenticación en archivos APP, y como consecuencia ejecutar código arbitrario, a través de solicitudes web no especificados. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Indusoft Web Studio. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ability to browse outside of the web root via directory traversal. A remote attacker can abuse this to download sensitive files and execute remote code under the context of the user. • https://www.exploit-db.com/exploits/42699 http://ics-cert.us-cert.gov/advisories/ICSA-14-107-02 http://www.securityfocus.com/bid/67056 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •