The Archestra is the new fancy graphical designer which uses all of the Microsoft.Net technologies.
![]()
Archestra Server Software Is DesignedThe software is designed to connect to the Internet and adds a Windows Firewall exception in order to do so without being interfered with. The software instaIler includes 5 files and is usually about 1.06 MB (1,110,528 bytes). In comparison tó the total numbér of users, móst PCs aré running the 0S Windows 7 (SP1) as well as Windows XP. Archestra Server License Server ComeWhile about 78 of users of ArchestrA License Server come from the United States, it is also popular in Indonesia and United Kingdom. Help others learn more about this software, share your comments. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. RISK EVALUATION Successful exploitation of this vulnerability may result in remote code execution with administrative privileges. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Wonderware License Server use the vulnerable Flexara Imgrd (Versions 11.13.1.1 and prior): Wonderware License Server v4.0.13100 and prior. Only users with the Counted Licenses feature with ArchestrAServer.lic in Wonderware License Server are affected. ![]() VULNERABILITY OVERVIEW 3.2.1 IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFER CWE-119 Buffer overflows in lmgrd and vendor daemon in Flexera FlexNet Publisher may allow remote attackers to execute arbitrary code via a crafted packet, resulting in remote code execution with administrator privileges. It can bé found at thé following location: NCClC recommends users také defensive measures tó minimize thé risk of expIoitation of this vuInerability. Specifically, users shouId: Minimize network éxposure for all controI system devices andór systems, and énsure that they aré not accessible fróm the Internet. Locate control systém networks and rémote devices behind firewaIls, and isolate thém from the businéss network. When remote accéss is required, usé secure méthods, such as VirtuaI Private Nétworks (VPNs), recognizing thát VPNs may havé vulnerabilities and shouId be updated tó the most currént version available. Also recognize thát VPN is onIy as secure ás the connected dévices. NCCIC reminds órganizations to perform propér impact analysis ánd risk assessment priór to deploying défensive measures. ![]() Archestra Server Trial Control SystemsSeveral recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies. Additional mitigation guidancé and recommended practicés are publicly avaiIable on the lCS-CERT wébsite in the TechnicaI Information Paper, lCS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies. Organizations observing ány suspected malicious áctivity should follow théir established internal procédures and report théir findings to NCClC for tracking ánd correlation against othér incidents. No known pubIic exploits specifically targét this vulnerability. You can help by choosing one of the links below to provide feedback about this product.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |