ICSA-22-130-05 · Published 2022-05-10 · Source: CISA ICS-CERT
AVEVA InTouch Access Anywhere and Plant SCADA Access Anywhere
CVSS 7.4 (HIGH)
Risk Summary
Successful exploitation of this vulnerability could allow an authenticated user to escape from the context of the streamed application into the OS and launch arbitrary OS commands.
CVEs (1)
Remediations
- Disable the Windows language bar on the server machine hosting InTouch Access Anywhere and Plant SCADA Access Anywhere applications unless it is required.
- Create unique user accounts with minimal privileges dedicated only to remote access of InTouch Access Anywhere and Plant SCADA Access Anywhere applications.
- Use OS group policy objects (GPOs) to further restrict what those dedicated accounts are allowed to do on the server.
- Restrict which applications those accounts can launch, based on Microsoft's recommended application block list.
- For more information on this vulnerability, including security updates, see AVEVA security bulletin AVEVA-2022-001.
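The first three remediations are host-hardening steps on the Windows server that streams the applications, so they can be audited (and the language-bar step enforced) from PowerShell. The script below is an added example written for this page; it is not from the AVEVA bulletin or the CISA advisory. It assumes local (not domain) remote-access accounts, uses placeholder account names, and relies on the per-user registry value HKCU\Software\Microsoft\CTF\LangBar\ShowStatus (3 = hidden) to detect a visible language bar; confirm the exact steps against AVEVA-2022-001 before applying them to a production server.

```powershell
# Added example, not vendor code: audit a server hosting InTouch Access Anywhere /
# Plant SCADA Access Anywhere against the remediation list above.
# Run elevated. Account names below are placeholders (assumptions).
param(
    # Dedicated, minimal-privilege accounts used only for remote access (assumed names).
    [string[]]$RemoteAccessAccounts = @('iaa-operator1', 'iaa-operator2'),
    # Pass -Fix to hide the language bar for every loaded user profile.
    [switch]$Fix
)

$findings = @()

# 1. Windows language bar. The per-user setting is
#    HKU\<SID>\Software\Microsoft\CTF\LangBar\ShowStatus: 3 = hidden, 0 or 4 = visible.
#    Walk every loaded user hive so RDP and service profiles are covered, skipping
#    the *_Classes hives and the well-known non-user SIDs.
Get-ChildItem Registry::HKEY_USERS |
    Where-Object { $_.PSChildName -match '^S-1-5-21-\d+-\d+-\d+-\d+$' } |
    ForEach-Object {
        $sid = $_.PSChildName
        $key = "Registry::HKEY_USERS\$sid\Software\Microsoft\CTF\LangBar"
        $status = (Get-ItemProperty -Path $key -Name ShowStatus -ErrorAction SilentlyContinue).ShowStatus
        if ($status -ne 3) {
            $findings += "Language bar not hidden for profile $sid (ShowStatus=$status)"
            if ($Fix) {
                New-Item -Path $key -Force | Out-Null
                Set-ItemProperty -Path $key -Name ShowStatus -Type DWord -Value 3
            }
        }
    }

# 2. Least privilege: the dedicated accounts must exist, must not be local
#    administrators, and should belong only to groups needed for remote access.
$admins = Get-LocalGroupMember -Group 'Administrators' |
    ForEach-Object { $_.Name.Split('\')[-1] }

foreach ($acct in $RemoteAccessAccounts) {
    if (-not (Get-LocalUser -Name $acct -ErrorAction SilentlyContinue)) {
        $findings += "Dedicated remote-access account '$acct' does not exist"
        continue
    }
    if ($admins -contains $acct) {
        $findings += "Remote-access account '$acct' is a member of Administrators"
    }
    # Report every local group the account sits in, for review against the GPO/AppLocker design.
    $groups = Get-LocalGroup | Where-Object {
        (Get-LocalGroupMember -Group $_.Name -ErrorAction SilentlyContinue |
            ForEach-Object { $_.Name.Split('\')[-1] }) -contains $acct
    } | Select-Object -ExpandProperty Name
    Write-Verbose "$acct is a member of: $($groups -join ', ')"
}

# 3. Summary. A clean run prints nothing but 'No findings.'
if ($findings.Count -eq 0) { 'No findings.' } else { $findings }
```

Run it once without -Fix to see what would change, then with -Fix (and -Verbose) after the dedicated accounts have been created. The GPO and application block-list steps are not scripted here: they are policy objects applied to the server's OU and should be verified with the usual gpresult / AppLocker tooling rather than by editing the registry directly.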
Affected Vendors
AVEVA Software, LLC
Affected Products (2)
- AVEVA InTouch Access Anywhere (AVEVA Software, LLC), all versions
- AVEVA Plant SCADA Access Anywhere (AVEVA Software, LLC; formerly known as AVEVA Citect Anywhere and Schneider Electric Citect Anywhere), all versions
Affected Sectors
Chemical, Critical Manufacturing, Energy, Food and Agriculture, and Water and Wastewater Systems