Your review has been sent successfully

Schneider Electric Alert

2298
Classification
These posts contain security alerts, including digital loopholes, electronic attacks, technical updates, and they are classified base on the level of severity.

Critical

High

Medium

Low

Most Viewed Warnings

Dell EMC Alert

● Critical

F5 Alert

● High

IBM Alert

● Critical

Fortinet Alert

● High

Red Hat Alert

● High

حملات تصيدية تستهدف مايكروسوفت تيمز (Microsoft Teams)

● High

Warning Date

Severity Level

Warning Number

Target Sector

17 February, 2020

● High

2020-917

Manufacturing - Commercial Facilities

Description:

Schneider Electric has released security alert for multiple vulnerabilities in the following products:

  • Magelis HMIGTO series, all firmware versions
  • Magelis HMISTO series, all firmware versions
  • Magelis XBTGH series, all firmware versions
  • Magelis HMIGTU series, all firmware versions
  • Magelis HMIGTUX series, all firmware versions
  • Magelis HMISCU series, all firmware versions
  • Magelis HMISTU series, all firmware versions
  • Magelis XBTGT series, all firmware versions
  • Magelis XBTGC series, all firmware versions
  • Magelis HMIGXO series, all firmware versions
  • Magelis HMIGXU series, all firmware versions
  • BMXNOR0200H Ethernet/Serial RTU module, all firmware versions

Threats:

Attacker could exploit these vulnerabilities by doing the following:

  • Denial of Service (DoS)
  • Execute arbitrary command remotely
  • disconnection of active connections

Best practice and Recommendations:

The Schneider Electric team encourages users to set up network segmentation and implement a firewall to block all unauthorized access to the following Ports:

  • 44818/TCP
  • 502/TCP
  • 6000/TCP
  • 6002/TCP
  • 8080/TCP
  • 8014/TCP
  • 6001/TCP
  • 2404/TCP
  • SNMP 161/UDP
  • For more information:

https://www.se.com/ww/en/download/document/SEVD-2019-225-03/

Last updated at 17 February, 2020

Rate the content

rate-icon
up icon