← Back to home
ICSA-15-085-01A  ·  Published 2025-06-06  ·  View on CISA ICS-CERT ↗

Schneider Electric InduSoft Web Studio and InTouch Machine Edition 2014 Vulnerabilities (Update A)

CVSS 2.1 LOW

CVEs (1)

Remediations

  • Schneider Electric has two divisions supporting this product under separate organizations
  • Patch availability and technical information is available at these separate divisional support units
  • Schneider Electric has issued separate security notices for each specific division/product support center
  • SEVD-2015-054-01 - InduSoft Web Studio
  • Schneider Electric has released patches, available for download, to remediate the noted vulnerabilities
  • The patch for InduSoft Web Studio, Version 7.1.3.4, Service Pack 3, Patch 4, is available for download using this URL: (http://www.indusoft.com/dev/INDUSOFT/Release/IWS71.3.4/IWS71.3.4.zip)
  • SEVD-2015-054-02 - InTouch Machine Edition 2014
  • This document is intended to help provide an overview of the identified vulnerability and actions required to mitigate it
  • To obtain full details on the issues and assistance on how to protect your installation, please contact your local Schneider Electric representative
  • These organizations will be fully aware of the situation and can support you through the process
  • For further information on vulnerabilities in Schneider Electric’s products, please visit Schneider Electric’s cybersecurity web page at: (http://www2.schneider-electric.com/sites/corporate/en/support/cybersecurity/cybersecurity.page)
  • Wonderware Security Bulletin LFSEC00000108 - InTouch Machine Edition Security Vulnerability
  • This document is intended to provide an overview of the identified vulnerability and actions required to mitigate it
  • To obtain full details on the issues and assistance on how to protect your installation, please contact your Wonderware Global Custom Support representative
  • (https://gcsresource.invensys.com/support/docs/_securitybulletins/Security_bulletin_LFSEC00000108.pdf)
  • For further information on vulnerabilities in Wonderware’s products, please visit Global Customer Support’s Security Central web page at: (https://softwaresupportsp.invensys.com/Pages/securitycentral.aspx)

Affected Vendors

Schneider Electric

Affected Products (2)

Schneider Electric · InduSoft Web Studio <=7.1.3.2
Schneider Electric · InTouch Machine Edition 2014 <=7.1.3.2

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more