2017-01-24 | Other | Schneider Electric | Ruslan Habalov and Jan Bee of the Google ISA Assessments Team discovered this vulnerability.
# Schneider Electric Wonderware Historian
### VULNERABLE VENDOR
### VULNERABLE PRODUCT
### AFFECTED PRODUCTS
The following Wonderware Historian versions are affected:
Wonderware Historian 2014 R2 SP1 P01 and earlier.
Successful exploitation of this vulnerability could allow a malicious entity to compromise Historian databases. In some installation scenarios, SQL resources beyond those created by Wonderware Historian may be compromised as well.
### VULNERABILITY OVERVIEW
CREDENTIALS MANAGEMENT CWE-255
Wonderware Historian creates logins with default passwords, which can allow a malicious entity to compromise Historian databases.
In some installation scenarios, resources beyond those created by Wonderware Historian may be compromised as well.
CVE-2017-5155 has been assigned to this vulnerability.
A CVSS v3 base score of 7.3 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).
Schneider Electric strongly recommends that the following steps be taken to mitigate this vulnerability:
- Identify where the logins are used. Some likely places for the logins to have been used are:
  - Wonderware Historian Client,
  - Wonderware InTouch and Application Object scripts,
  - Wonderware Information Server configuration, and
  - Custom applications not supplied by Schneider Electric that interact with Historian data.
- Logins that are not used should be disabled from the SQL Server Management Studio.
- For logins that are still in use, the passwords should be changed from the default.
For an increased level of security, Schneider Electric and Microsoft further advise that connectivity to SQL Server be accomplished with Windows Integrated Security as opposed to using native SQL logins.
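The three mitigation steps above can be carried out as T-SQL from a query window in SQL Server Management Studio. This is an added example, not a script from Schneider Electric or the advisory; the login names and passwords are placeholders because the advisory does not list them, and it assumes a sysadmin session with VIEW SERVER STATE.

```sql
-- Constructed placeholders: the advisory does not list the login names or
-- their default passwords; take both from your own installation records.
DECLARE @historian_logins TABLE (name sysname, default_password nvarchar(128));
INSERT INTO @historian_logins (name, default_password) VALUES
    (N'<historian_login_1>', N'<its_default_password>'),
    (N'<historian_login_2>', N'<its_default_password>');

-- Step 1: inventory. One row per open session of each Historian-created login,
-- or a single row with NULL session columns when nothing is connected.
-- host_name / program_name show which client or script is using the login.
-- sys.dm_exec_sessions only sees connections open right now, so repeat this
-- over a full production cycle before treating a login as unused.
SELECT  l.name,
        l.is_disabled,
        LOGINPROPERTY(l.name, 'PasswordLastSetTime') AS password_last_set,
        CASE PWDCOMPARE(h.default_password, l.password_hash)
             WHEN 1 THEN 'STILL DEFAULT' ELSE 'changed' END AS password_state,
        s.host_name,
        s.program_name,
        s.login_time
FROM    sys.sql_logins AS l
JOIN    @historian_logins AS h
        ON h.name COLLATE DATABASE_DEFAULT = l.name COLLATE DATABASE_DEFAULT
LEFT JOIN sys.dm_exec_sessions AS s
        ON s.original_login_name COLLATE DATABASE_DEFAULT
         = l.name COLLATE DATABASE_DEFAULT
ORDER BY l.name, s.login_time;

-- Step 2: disable a login that the inventory shows nothing is using.
-- Disabling (rather than dropping) keeps the change easy to reverse.
ALTER LOGIN [<unused_historian_login>] DISABLE;

-- Step 3: replace the default password on a login that is still needed,
-- and enforce the Windows password policy on it from now on.
-- Update every client found in step 1 with the new credential afterwards.
ALTER LOGIN [<in_use_historian_login>]
    WITH PASSWORD = N'<new_strong_password>', CHECK_POLICY = ON;
```

Rerun the step 1 query after the changes: every listed login should be either disabled or report `changed`.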