Schneider Electric IIoT Monitor (Update A)

Published

2019-01-08 15:00:22 UTC

Summary

This updated advisory is a follow-up to the original advisory titled ICSA-19-008-02 Schneider Electric IIoT Monitor that was published January 08, 2019, on the NCCIC/ICS-CERT website. This updated advisory includes mitigations for path traversal, unrestricted upload of file with dangerous type, and XXE vulnerabilities in the Schneider Electric IIoT Monitor software.