Doc ID         : ADV116
Version        : 3.0
Status         : Published
Published date : 12/17/2010
Categories     : FCS (InFusion), I/A Series

Customer Advisory
Potential Security Vulnerability Has Been Discovered in Wonderware InBatch Server and Foxboro I/A Series Batch Server
December 17, 2010


Schneider Electric is committed to ensuring that our customers and employees are kept current on issues that might affect or improve product, system or process operation. We are dedicated to providing product and application reliability, and exceptional client service.

Customer Advisories are intended to inform you of the possibility of a situation occurring at system installations, and the identified resolution. Invensys recommends that our customers consider taking action to help prevent occurrence of the identified situation during your production process.

A vulnerability has been discovered in InBatch Server and I/A Batch Server in all supported versions of Wonderware InBatch and I/A Series Batch. This vulnerability, if exploited, could allow Denial of Service, the consequence of which is a crash of the InBatch Server.

SITUATION

The Invensys cyber-security team is collaborating with the United States government (ICS-CERT) to ensure an appropriate and timely official public communication of the issue.

· Invensys Operations Management has prepared Invensys Operations Management Security Bulletin LFSEC00000051

SYMPTOMS

The InBatch Server component contains a vulnerability that may allow Denial of Service in an unsecured deployment. The vulnerability is rated medium. Exploiting it would require a malicious application that has access to port 9001 on the batch server and understands the protocol used on that port, so that it can send a partially valid message that overflows an internal buffer.

Any machine on which InBatch Server or I/A Series Batch server is installed is affected. No other components of Wonderware InBatch and I/A Series Batch are affected. Further mitigation beyond that identified in this Alert will be made available to customers running Wonderware InBatch and I/A Series Batch.


ACTIONS OR RESOLUTIONS

Additional mitigation, such as software updates to address the issue for all supported versions of affected products, is being prepared and will be communicated at a later date.

Until product updates are available, customers using versions of Wonderware InBatch and I/A Series Batch SHOULD make sure that their Batch Server is on a secured network inaccessible from the Internet.
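
Added example (not part of the Invensys advisory or of any Invensys product): a small Python audit that checks a first-match firewall rule list for rules that let non-internal sources reach port 9001 on the Batch Server. The rule syntax, the list of internal address ranges, the implicit final deny and the sample rule sets are assumptions constructed for illustration.

```python
import ipaddress

BATCH_PORT = 9001  # port named in the advisory
# Assumption: "internal" means RFC 1918 space plus loopback (IPv4 only).
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

def parse_rule(line):
    """Parse 'ACTION SRC_CIDR PORT[-PORT]' (hypothetical rule syntax)."""
    action, src, ports = line.split()
    lo, _, hi = ports.partition("-")
    return action.lower(), ipaddress.ip_network(src), int(lo), int(hi or lo)

def covers_port(rule):
    return rule[2] <= BATCH_PORT <= rule[3]

def is_internal(net):
    return any(net.subnet_of(block) for block in INTERNAL)

def exposed_rules(lines):
    """Return (index, source) for allow rules exposing BATCH_PORT to
    non-internal sources. Rules are first-match with an implicit final deny
    (assumption). An allow fully covered by an earlier deny is skipped;
    partial overlaps are still reported, which errs on the safe side."""
    rules = [parse_rule(l) for l in lines]
    findings = []
    for i, rule in enumerate(rules):
        action, src = rule[0], rule[1]
        if action != "allow" or not covers_port(rule) or is_internal(src):
            continue
        shadowed = any(r[0] == "deny" and covers_port(r) and src.subnet_of(r[1])
                       for r in rules[:i])
        if not shadowed:
            findings.append((i, str(src)))
    return findings

# Constructed sample rule sets for the Batch Server host.
WEAK = ["allow 10.20.0.0/16 9001",
        "allow 0.0.0.0/0 9000-9010",   # any source can reach 9001
        "deny 0.0.0.0/0 1-65535"]
HARDENED = ["allow 10.20.0.0/16 9001",  # batch clients only
            "deny 0.0.0.0/0 1-65535"]

if __name__ == "__main__":
    for name, ruleset in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(name, exposed_rules(ruleset) or "port 9001 not exposed")
```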


FOR INFORMATION
If you have any questions regarding this article, please contact your local Service Representative or a Schneider Electric Support Center at:

GCS Center       America's GCS      Asia Pacific GCS   EMEA GCS
Location         Foxboro MA USA     Shanghai           Baarn NL
Phone            +1-866-746-6477    +86 21 37180086    +31-3554-84125
Internationally  +1-508-549-2424
Fax              +1-508-549-4999    +86 21 37180196    +31-3554-84230
Email            America's GCS      Asia Pacific GCS   EMEA GCS

Regards,

John Petty
Director,
Global Customer Support

Distribution to Schneider Electric Customers and Internal Personnel Only
DO NOT REPRODUCE.
All trademarks are registered to their respective owners.
All brand names are property of their respective owners.

Advisory #: 2010060abi

©Schneider Electric. All rights reserved