Your review has been sent successfully

Schneider Electric Alert

2389
Classification
These posts contain security alerts, including digital loopholes, electronic attacks, technical updates, and they are classified base on the level of severity.

Critical

High

Medium

Low

Most Viewed Warnings

Dell EMC Alert

● Critical

F5 Alert

● High

IBM Alert

● Critical

Fortinet Alert

● High

Red Hat Alert

● High

حملات تصيدية تستهدف مايكروسوفت تيمز (Microsoft Teams)

● High

Warning Date

Severity Level

Warning Number

Target Sector

28 July, 2021

● Critical

2021-3260

Energy - Transportation - Water and Utilities - Commercial Facilities - Government Facilities

Description:

Schneider Electric has released a security alert for multiple vulnerabilities in the following products:

  • EcoStruxure Control Expert
    • All versions prior to v15.0 SP1
    • Including all versions of Unity Pro (former name of EcoStruxure Control Expert)
  • EcoStruxure Control Expert
    • v15.0 SP1
  • EcoStruxure Process Expert
    • All versions
    • Including all versions of EcoStruxure Hybrid DCS (former name of EcoStruxure Process Expert)
  • SCADAPack RemoteConnect for x70
    • All versions
  • Modicon M580 CPU (part numbers BMEP* and BMEH*)
    • All versions
  • Modicon M340 CPU (part numbers BMXP34*)
    • All versions

Threats:

Attacker could exploit these vulnerabilities by executing arbitrary code remotely.

Best practice and Recommendations:

The Schneider Electric team encourages users to review the security advisory and apply the necessary mitigations until they release the fixes:

Last updated at 28 July, 2021

Rate the content

rate-icon
up icon