Administrators are advised to allow only trusted users to have local access. The vulnerability is due to improper security restrictions imposed by the affected software. Indicators of Compromise The following Alstom products are affected:
|Date Added:||3 August 2018|
|File Size:||37.50 Mb|
|Operating Systems:||Windows NT/2000/XP/2003/2003/7/8/10 MacOS 10/X|
|Price:||Free* [*Free Regsitration Required]|
Administrators are advised to allow only privileged users to access administration or management systems. Cisco Multivendor Atile Alerts respond to vulnerabilities identified in third-party vendors' products.
MiCOM S1 Studio - Downloads | Schneider Electric
Analysis To exploit this vulnerability, an attacker must have local access to a targeted device. The affected software does not properly protect installed executables from users on a targeted system. Administrators mocom advised to allow only trusted users to have local access.
A local attacker could exploit this vulnerability by replacing executables in the Program Files directory on the system with malicious content. Administrators are advised to apply the appropriate updates. Alstom has confirmed the vulnerability and released software updates. A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors.
The security vulnerability applies to the following combinations of products. These alerts contain information compiled from diverse sources and provide comprehensive technical descriptions, objective analytical assessments, workarounds and practical safeguards, and links to vendor advisories and patches.
MiCOM S1 Studio | Schneider Electric
Indicators of Compromise The following Alstom products are affected: Home Skip to content Skip to footer. If successful, the attacker could execute the malicious content, which could be used to conduct further attacks that could completely compromise the system. Safeguards Administrators are advised to apply the appropriate updates.
To exploit this vulnerability, an attacker must have local access to a targeted device. An attacker must have read and write permissions for the affected software to affect system availability; however, aagile Windows Service executable running under LocalSystem could be replaced, which could allow an attacker to elevate privileges on the system.
The vulnerability is due to improper security restrictions imposed by the affected software. The following Alstom products are affected: Alstom customers may obtain software updates by contacting the Alstom Grid Contact Centre via email at contact.
If a third-party software vulnerability is determined to affect a Cisco product, the vulnerability will be disclosed according to the Cisco Security Vulnerability Policy. This access requirement limits the possibility of a successful exploit. The information in this document is intended for end users of Cisco products.