← Back to home
ICSA-19-029-03  ·  Published 2019-01-29  ·  View on CISA ICS-CERT ↗

AVEVA Wonderware System Platform

CVSS 8.8 HIGH

Risk Summary

This vulnerability could allow unauthorized access to the credentials for the ArchestrA Network User Account.

CVEs (1)

Remediations

  • AVEVA recommends users using Wonderware System Platform 2017 Update 2 and prior should upgrade to System Platform 2017 Update 3 as soon as possible. This update can be downloaded from the following location (login required):
  • AVEVA has published Security Bulletin LFSEC00000135. It can be found at the following location:
  • AVEVA recommends that users secure industrial control systems according to NIST SP 800-82 Rev. 2:

Affected Vendors

AVEVA Software, LLC

Affected Products (1)

AVEVA Software, LLC · Wonderware System Platform 2017 <= 2

Affected Sectors

Chemical, Critical Manufacturing, Energy, Food and Agriculture, Water and Wastewater

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more