Description Preview
Overview
The vulnerability (CWE-290: Authentication Bypass by Spoofing) affects numerous Schneider Electric industrial control systems and software. Affected products include EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), SCADAPack RemoteConnect for x70 (all versions), Modicon M580 CPU (all versions - part numbers BMEP* and BMEH*), and Modicon M340 CPU (all versions - part numbers BMXP34*).
An attacker with network access to the affected systems could potentially spoof the Modbus communication channel between the engineering software and the controller. This could allow unauthorized access with both read and write capabilities to the controller, potentially enabling an attacker to view sensitive information or make unauthorized changes to industrial control systems.
Remediation
Users should implement the following mitigation strategies:
- Update to the latest software versions as recommended by Schneider Electric
- Implement network segmentation to isolate control system networks from other networks
- Use secure remote access methods when remote access is required
- Implement a firewall to block all unauthorized access
- Follow Schneider Electric's specific security advisories and recommendations for each affected product
- Monitor systems for unusual activity that could indicate exploitation attempts
For specific patch information and detailed remediation steps, refer to Schneider Electric's security advisory SEVD-2021-194-01.
References
- Schneider Electric Security Advisory SEVD-2021-194-01: http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-194-01
- MITRE CWE-290 (Authentication Bypass by Spoofing): https://cwe.mitre.org/data/definitions/290.html
- ICS-CERT Advisory (if available)
- Schneider Electric Product Security Portal: https://www.se.com/ww/en/work/support/cybersecurity/security-notifications.jsp
Industry ExposureMost to leastThis section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.
- ManufacturingManufacturing: Low
- UtilitiesUtilities: Low
- Transportation & WarehousingTransportation & Warehousing: Low
- Public AdministrationPublic Administration: Low
- Other Services (except Public Administration)Other Services (except Public Administration): Low
- Professional, Scientific, & Technical ServicesProfessional, Scientific, & Technical Services: Low
- Accommodation & Food ServicesAccommodation & Food Services: Low
- Administrative, Support, Waste Management & Remediation ServicesAdministrative, Support, Waste Management & Remediation Services: Low
- Agriculture, Forestry Fishing & HuntingAgriculture, Forestry Fishing & Hunting: Low
- Arts, Entertainment & RecreationArts, Entertainment & Recreation: Low
- ConstructionConstruction: Low
- Educational ServicesEducational Services: Low
- Finance and InsuranceFinance and Insurance: Low
- Health Care & Social AssistanceHealth Care & Social Assistance: Low
- InformationInformation: Low
- Management of Companies & EnterprisesManagement of Companies & Enterprises: Low
- MiningMining: Low
- Real Estate Rental & LeasingReal Estate Rental & Leasing: Low
- Retail TradeRetail Trade: Low
- Wholesale TradeWholesale Trade: Low
