Impact to individual organizations depends on many factors that are unique to each organization. This vulnerability can affect products deployed in the energy, dams, healthcare and public health, water, chemical, and commercial facilities. Unauthorized attackers can then access the MiCOM S1 executable files. Successful exploitation of this vulnerability may allow an attacker with read/modify user permissions for the MiCOM S1 file system to affect the availability of the application.
The following Alstom Grid products are affected: Alstom has tested the update to validate that it resolves the vulnerability. Alstom has produced an update that mitigates this vulnerability. This advisory only addresses the Alstom software product.Īlstom has identified an improper authorization vulnerability in the Alstom Grid MiCOM S1 Agile Software. A user could have MiCOM S1 Studio Software from a different vendor.
Note: Alstom Grid MiCOM S1 Studio Software is its own software suite. This advisory provides mitigation details for a vulnerability affecting the Alstom Grid MiCOM S1 Agile and S1 Studio Software.
