|2017-03-30||Other||Schneider Electric||Ruslan Habalov and Jan Bee of the Google ISA Assessments Team identified these vulnerabilities.||N/A||CVE-2017-5156 CVE-2017-5158 CVE-2017-5160 ||N/A||N/A||N/A|
# Schneider Electric Wonderware InTouch Access Anywhere
### VULNERABLE VENDOR
### VULNERABLE PRODUCT
Wonderware InTouch Access Anywhere
Ruslan Habalov and Jan Bee of the Google ISA Assessments Team identified these vulnerabilities.
### AFFECTED PRODUCTS
The following Wonderware InTouch Access Anywhere versions are affected:
Wonderware InTouch Access Anywhere, version 11.5.2 and prior.
Successful exploitation of these vulnerabilities could allow an attacker to perform actions on behalf of a legitimate user, perform network reconnaissance, and gain access to resources beyond those intended with normal operation of the product.
### VULNERABILITY OVERVIEW
CROSS-SITE REQUEST FORGERY CWE-352
The client request may be forged from a different site.
This will allow an external site to access internal RDP systems on behalf of the currently logged in user.
CVE-2017-5156 has been assigned to this vulnerability.
A CVSS v3 base score of 8.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
INFORMATION EXPOSURE CWE-200
Credentials may be exposed to external systems via specific URL parameters, as arbitrary destination addresses may be specified.
CVE-2017-5158 has been assigned to this vulnerability.
A CVSS v3 base score of 6.5 has been calculated by Schneider Electric; the CVSS vector string is (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
INADEQUATE ENCRYPTION STRENGTH CWE-326
The software will connect via Transport Layer Security without verifying the peer's SSL certificate properly.
CVE-2017-5160 has been assigned to this vulnerability.
A CVSS v3 base score of 5.3 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N)
Critical Infrastructure Sectors: Critical Manufacturing, Energy, Healthcare and Public Health, and Water and Wastewater Systems
Countries/Areas Deployed: Worldwide
Company Headquarters Location: Paris, France
Schneider Electric has released a new software version to address the identified vulnerabilities and recommends that users of affected versions upgrade to Wonderware InTouch Access Anywhere 2017 (17.0.0).
Users of Wonderware InTouch Access Anywhere can login at the following support site to download the upgrade:
Schneider Electric has issued Security Bulletin LFSEC00000114, which contains additional information: