User Interface Vulnerability in Schneider Electric InduSoft Web Studio and InTouch Machine Edition
CVE-2015-0997

Currently unrated

Key Information:

Vendor

Schneider Electric
Status
Wonderware Intouch 2014
Aveva Edge
Vendor
CVE Published:
29 March 2015

What is CVE-2015-0997?

Schneider Electric InduSoft Web Studio and InTouch Machine Edition exhibit a user interface vulnerability that reveals all valid usernames to users. This exposure significantly lowers the barrier for attackers seeking unauthorized access through brute-force password-guessing techniques. The affected versions before specified patches enable easier exploitation, thus emphasizing the need for immediate updates to safeguard systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://download.schneider-electric.com/files?p_Doc_Ref=SE...
x_refsource_CONFIRM
https://ics-cert.us-cert.gov/advisories/ICSA-15-085-01
x_refsource_MISC
http://download.schneider-electric.com/files?p_Doc_Ref=SE...
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.