漏洞类别:Local
漏洞等级: 
漏洞信息
InduSoft Web Studio is a collection of automation tools that provide automation building blocks to develop HMIs, SCADA systems and embedded instrumentation solutions. InduSoft may also be integrated as a third-party application in control systems.
A Remote Code Execution vulnerability has been found in Schneider Electric InduSoft Web Studio which allows remote attackers to execute arbitrary code on the system.
Affected Versions:
Schneider Electric InduSoft Web Studio versions prior to 8.0
漏洞危害
A remote attacker could exploit this vulnerability to run arbitrary code on the system or cause denial of service (unhandled runtime exception and application crash) via a crafted Indusoft Project file.
解决方案
Customers are advised to upgrade to the latest version of the software available. For more information, please review theSchneider Indusoft Advisory
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论