SCADA Vulnerabilities & Exposures (SVE)

CRITIFENCE® SCADA Vulnerabilities and Exposures Database (SVE)

[SVE-346527738] Schneider Electric Wonderware Historian

| Date | Type | Platform | Author | EDB-ID | CVE-ID | OSVDB-ID | Download App | SIS Signature |
|---|---|---|---|---|---|---|---|---|
| 2017-01-24 | Other | Schneider Electric | Ruslan Habalov and Jan Bee | N/A | CVE-2017-5155 | N/A | N/A | N/A |

Source

#
# Schneider Electric Wonderware Historian
#


### VULNERABLE VENDOR
Schneider Electric



### VULNERABLE PRODUCT
Wonderware Historian



### RESEARCHER
Ruslan Habalov and Jan Bee



### AFFECTED PRODUCTS

The following Wonderware Historian versions are affected:
Wonderware Historian 2014 R2 SP1 P01 and earlier.



### IMPACT

Successful exploitation of this vulnerability could allow a malicious entity to compromise Historian databases. In some installation scenarios, SQL resources beyond those created by Wonderware Historian may be compromised as well.



### BACKGROUND

CREDENTIALS MANAGEMENT CWE-255
Wonderware Historian creates logins with default passwords, which can allow a malicious entity to compromise Historian databases. In some installation scenarios, resources beyond those created by Wonderware Historian may be compromised as well.
CVE-2017-5155 has been assigned to this vulnerability. A CVSS v3 base score of 7.3 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).



### MITIGATION

Schneider Electric strongly recommends that the following steps be taken to mitigate this vulnerability:

1. Identify where the logins are used. Some likely places for the logins to have been used are:
	a. Wonderware Historian Client,
	b. Wonderware InTouch and Application Object scripts,
	c. Wonderware Information Server configuration, and
	d. Custom applications not supplied by Schneider Electric that interact with Historian data.

2. Logins that are not used should be disabled in SQL Server Management Studio.

3. For logins that are still in use, the passwords should be changed from the default.

For an increased level of security, Schneider Electric and Microsoft further advise that connectivity to SQL Server be accomplished with Windows Integrated Security as opposed to using native SQL logins.
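
The three mitigation steps above can be worked through in T-SQL on the SQL Server instance that hosts Historian. The script below is an added example, not part of the vendor advisory; the login names and the new password are placeholders to be replaced with values from your own installation.

```sql
-- Added example (T-SQL); not taken from the vendor advisory.
-- The login names below are placeholders: substitute the SQL logins that
-- your Historian installation created.
USE master;  -- table variable then shares the server-level collation

DECLARE @review TABLE (login_name sysname PRIMARY KEY);
INSERT INTO @review (login_name)
VALUES (N'<historian_login_1>'), (N'<historian_login_2>');

-- Login state. A password last set within a minute of login creation
-- suggests (heuristic, not proof) that the installer-set value is still in place.
SELECT l.name,
       l.is_disabled,
       l.is_policy_checked,
       l.create_date,
       CAST(LOGINPROPERTY(l.name, 'PasswordLastSetTime') AS datetime) AS password_last_set,
       CASE WHEN DATEDIFF(MINUTE, l.create_date,
                 CAST(LOGINPROPERTY(l.name, 'PasswordLastSetTime') AS datetime)) <= 1
            THEN 1 ELSE 0 END AS password_unchanged_since_creation
FROM sys.sql_logins AS l
JOIN @review AS r ON r.login_name = l.name
ORDER BY l.name;

-- Step 1: where each login is in use right now (needs VIEW SERVER STATE).
-- Only current sessions are visible; repeat over time or enable login auditing.
SELECT s.original_login_name,
       s.host_name,
       s.program_name,
       c.client_net_address,
       COUNT(*)          AS session_count,
       MAX(s.login_time) AS most_recent_login
FROM sys.dm_exec_sessions AS s
JOIN @review AS r ON r.login_name = s.original_login_name
LEFT JOIN sys.dm_exec_connections AS c ON c.session_id = s.session_id
WHERE s.is_user_process = 1
GROUP BY s.original_login_name, s.host_name, s.program_name, c.client_net_address
ORDER BY s.original_login_name, session_count DESC;

-- Step 2: disable a login that nothing uses (uncomment after review).
-- ALTER LOGIN [<historian_login_1>] DISABLE;

-- Step 3: replace the default password on a login that stays in use and
-- enforce the Windows password policy for it (uncomment after review).
-- ALTER LOGIN [<historian_login_2>]
--     WITH PASSWORD = N'<new-strong-password>', CHECK_POLICY = ON;
```

After step 3, update the stored credentials in every client that the second query listed for that login.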