AVEVA Alert
Warning Date: 10 May, 2022
Severity Level: High
Warning Number: 2022-4803
Target Sector: All
AVEVA has released security updates to address a vulnerability in the following products:
- AVEVA™ InTouch Access Anywhere (all versions)
- AVEVA™ Plant SCADA Access Anywhere (all versions, formerly known as AVEVA Citect Anywhere and Schneider Electric Citect Anywhere)
An attacker could exploit this vulnerability to expose information.
The CERT recommends taking the following measures to reduce the impact of the vulnerability:
- Disable the Windows Language Bar on the server machine hosting InTouch Access Anywhere and Plant SCADA Access Anywhere applications, unless corporate policy requires it.
- Create unique user accounts with minimal privileges dedicated only to remote access of InTouch Access Anywhere and Plant SCADA Access Anywhere applications.
- Utilize OS Group Policy Objects (GPO) to further restrict what those unique user accounts are allowed to do.
- Restrict access based on Microsoft’s recommended block list: https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-block-rules