International
 

Security information

IndraWorks Operation (WinStudio)

2019-02-15

Important Product Information for Bosch Rexroth IndraWorks Operation (WinStudio)

IndraWorks, the Bosch Rexroth Engineering and operating software, provides WinStudio to develop visualization applications. WinStudio contains the InduSoft Web Studio technology. On February 4, 2019 , AVEVA Software, LLC. "("AVEVA"), the InduSoft Web Studio manufacturer published a security bulletin [1] containing information about a critical security vulnerability in Web Studio.

This vulnerability also affects:

- all projects created with Winstudio versions prior to 7.4 SP1.

- all projects created with IndraWorks versions prior to 15V02.

More information

Security Manual

IndraWorks Operation (WinStudio)

2018-11-001

Important product information for Bosch Rexroth IndraWorks Operation (WinStudio)

The Bosch Rexroth engineering- and operating software IndraWorks provides WinStudio for the development of visualization applications. WinStudio includes technology from InduSoft Web Studio. On 10/31/2018 AVEVA Software, LLC. (“AVEVA”), the vendor of InduSoft Web Studio, published a security bulletin [2] with information about a critical security vulnerability in Web Studio.

More Information

 

Meltdown / Spectre

2018-01-001

General Information on Meltdown / Spectre

Meltdown and Spectre can be used to steal sensitive information. Basic measures to protect against malware are described in the DC Security-guideline. According to the actual state of knowledge embedded systems like CML75 only have a higher risk of vulnerability in case the device is additionally infected with malicious code.

More information

2018-01-002

Important product information for Bosch Rexroth IndraWorks Engineering

The Windows-Security-Patches for the risks Meltdown and Spectre seriously compromise the usability and functionality of the Bosch Rexroth engineering- and operating software IndraWorks.

It prevents the start of internal service programs and dialog fields as well as the communication with controls and drives. Reason for that is a mistake on part of Microsoft. Microsoft is working on a solution. We demand, not to install these patches on devices, which use IndraWorks. The installation of the patches through automatic updates needs to be prevented in cooperation with the responsible IT specialists. Instead, it has to be waited until an accurate patch from Microsoft is available.

More information

2018-01-003

Updated product information for Bosch Rexroth IndraWorks Engineering and IndraWorks Operation

This malfunction does only affect the operating systems Windows 8 and Windows 10. The operating system Windows 7 is not, like we orginally published, affected.

More information

WannaCry

2017-06-001

How Rexroth HMI products are at risk from WannaCry ransomware

Industrial PC and embedded PC devices with Windows operating systems Windows XP, Windows 7 and Windows 10 and an operating system version older than March 2017, are susceptible to remote code execution via SMB.

Currently, “WannaCry” ransomware exploits this weakness in order to distribute malware and to encrypt data of affected systems.

More information

 
 
 
 
江西体彩多乐彩走势图