Today the DHS ICS-CERT published a control system security advisory for
a credential management vulnerability in the Schneider Electric Wonderware
Intelligence application. This is a self-reported vulnerability. Schneider has
produced a new version that mitigates the vulnerability.
ICS-CERT reports that a relatively low-skilled attacker
could remotely exploit the vulnerability to escalate privileges to
administrator and take control of the host machine where Tableau Server is
installed.
According to the Schneider security
bulletin, the problem is with the third-party program Tableau Server. Schneider
provides a link to the Tableau security
bulletin. That bulletin notes that: “The Tableau Server installation
process leaves an account enabled that can allow an unauthorized remote
attacker to gain access and perform administrative functions. This
vulnerability does not affect installations that are configured to use Active
Directory authentication.”
There is no indication in this ICS-CERT advisory that the Tableau
Server is (or is not) used by any other ICS vendor.