
Siemens SINEMA CVE-2016-6204

Siemens SINEMA Remote Connect Server Cross-site Scripting Vulnerability

CROSS-SITE SCRIPTING

The integrated web server (Port 443/TCP) of the affected SINEMA Remote Connect Server could allow XSS attacks if unsuspecting users are tricked into accessing a malicious link.

DIFFICULTY

An attacker with low skill would be able to exploit this vulnerability. Social engineering is required to convince the user to access a malicious link. This decreases the likelihood of a successful exploit.

MITIGATION

Siemens provides software update V1.2 for SINEMA Remote Connect Server which fixes the vulnerability and recommends users update to the new version. The software update for SINEMA Remote Connect Server can be obtained at:

https://support.industry.siemens.com/cs/ww/en/view/109737963

Schneider Electric SoMachine HVAC

Schneider Electric SoMachine HVAC Unsafe ActiveX Control Vulnerability

CVE-2016-4529


An unsafe ActiveX control vulnerability in Schneider Electric’s SoMachine software.

AFFECTED PRODUCTS

  • SoMachine HVAC-Application Version 2.0.2 and previous.

IMPACT

An exploitation of this vulnerability may allow an attacker to remotely execute arbitrary code.

BACKGROUND

Schneider Electric’s corporate headquarters is located in Paris, France, and it maintains offices in more than 100 countries worldwide.

The affected product, SoMachine, is software for developing, configuring, and commissioning a machine in a single software environment, including logic, motion control, HMI, and related network automation functions.

VULNERABILITY

An ActiveX control is intended for restricted use, but it has been marked as safe-for-scripting.

EXPLOITABILITY

This vulnerability could be exploited remotely.

EXISTENCE OF EXPLOIT

No known public exploits specifically target this vulnerability.

MITIGATION

Schneider Electric has released a patch that resolves the vulnerability. Schneider Electric’s patch is available at the following location:

 

Schneider Electric Pelco Digital Sentry

Schneider Electric Pelco Digital Sentry Video Management System Vulnerability

CVE-2016-4520


A hard-coded credential vulnerability in Schneider Electric’s Pelco Digital Sentry Video Management System. Schneider Electric has produced a new firmware version to mitigate this vulnerability.

AFFECTED PRODUCTS

  • Pelco Digital Sentry Video Management System, versions prior to Version 7.13

IMPACT

Successful exploitation of this vulnerability may allow an attacker to gain access to execute code on the affected system.

BACKGROUND

The affected product, Pelco Digital Sentry Video Management System, is a video recording system. According to Schneider Electric, Pelco Digital Sentry Video Management System is deployed across several sectors including Commercial Facilities. Schneider Electric estimates that these products are used worldwide.

VULNERABILITY

The affected system contains hard-coded credentials that may allow an attacker to gain access to confidential information or execute code on the affected system.

EXPLOITABILITY

This vulnerability could be exploited remotely.

MITIGATION

Schneider Electric has produced new firmware, Version 7.14, for the Pelco Digital Sentry Video Management System.