Schneider Electric InduSoft Web Studio < Multiple Information Disclosures (SEVD-2015-054-01)

Medium Nessus Plugin ID 84263


The InduSoft Web Studio software running on the remote host is affected by multiple information disclosure vulnerabilities.


According to its self-reported version, the installation of Schneider Electric InduSoft Web Studio running on the remote host is prior to It is, therefore, affected by the multiple information disclosure vulnerabilities :

- A hard-coded plaintext password is used to control read access to files. A local attacker can exploit this to access sensitive information stored in project and project configuration files. (CVE-2015-0996)

- The HMI user interface presents valid usernames to the screen when connecting to the server via the HMI. A remote attacker can use this information to conduct brute-force password attacks. (CVE-2015-0997)

- User credentials are transmitted in cleartext. A man-in-the-middle attacker can exploit this, by sniffing the network, to obtain user credentials. (CVE-2015-0998)

- OPC user credentials are stored in plaintext in a configuration file. A local attacker can exploit this to obtain user credentials. (CVE-2015-0999)


Upgrade to Schneider Electric InduSoft Web Studio or later.

See Also

Plugin Details

Severity: Medium

ID: 84263

File Name: scada_indusoft_web_studio_SEVD_2015-054-01.nbin

Version: $Revision: 1.26 $

Type: remote

Family: SCADA

Published: 2015/06/18

Modified: 2018/01/29

Dependencies: 84262

Risk Information

Risk Factor: Medium


Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: cpe:/a:schneider_electric:indusoft_web_studio

Required KB Items: installed_sw/InduSoft Web Studio HTTP Server

Patch Publication Date: 2015/02/23

Vulnerability Publication Date: 2015/02/23

Reference Information

CVE: CVE-2015-0996, CVE-2015-0997, CVE-2015-0998, CVE-2015-0999

BID: 73378, 73386, 73387, 73389

OSVDB: 118955, 118956, 118957, 118958

ICSA: 15-085-01A