The official site for Saudi CERT
Schneider Electric Alert
1988
Warning Date
Severity Level
Warning Number
Target Sector
11 July, 2023
● High
2023-5661
All
Description:
Schneider Electric has released security updates to address several vulnerabilities in the following products:
- StruxureWare Data Center Expert
- v7.9.3 and earlier
- Accutech Manager
- Version 2.7 and prior
- HMISCU Controller
- Modicon Controller LMC078
- Modicon Controller M241
- Modicon Controller M251
- Modicon Controller M262
- Modicon Controller M258
- Modicon Controller LMC058
- Modicon Controller M218
- PacDrive 3 Controllers: LMC Eco/Pro/Pro2
- SoftSPS embedded in EcoStruxure™ Machine Expert
Threats:
An attacker could exploit these vulnerabilities by doing the following:
- Privilege Escalation
- Unauthorized Access
- Denial of Service (DoS)
- Improper Input Validation
- Remote Code Execution
Best practice and Recommendations:
The CERT team encourages users to review Schneider Electric security advisory and apply the necessary updates:
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-192-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-192-01.pdf
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-192-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-192-03.pdf
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-192-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-192-04.pdf
Rate the content
Share the page
