Schneider Electric Update
1982Warning Date
Severity Level
Warning Number
Target Sector
2 December, 2020
● High
2020-2130
All
Description:
Schneider Electric has released a security update to address a vulnerability in the following product:
- EcoStruxure Operator Terminal Expert Runtime 3.1 Service Pack 1A and prior installed on:
- Windows PC using legacy BIOS
- Harmony iPC (HMIG5U, HMIG5U2) using legacy BIOS
* NOTE: Windows PCs using UEFI are not impacted by this vulnerability.
Threats:
An attacker could exploit this vulnerability by escalating privileges.
Best practice and Recommendations:
The CERT team encourages users to review Schneider Electric security advisory and apply the necessary update: