Schneider Electric Updates
1781Warning Date
Severity Level
Warning Number
Target Sector
17 August, 2021
● High
2021-3376
All
Description:
Schneider Electric has released security updates to address several vulnerabilities in their products, the most ones:
- Harmony/HMI Products Configured by Vijeo Designer (all versions prior to V6.2 SP11 )
- Vijeo Designer Basic (all versions prior to V1.2)
- EcoStruxure Machine Expert (all versions prior to V2.0)
- EcoStruxure Control Expert all versions (including former Unity Pro)
- EcoStruxure Process Expert, all versions (including former HDCS)
- SCADAPack RemoteConnect for x70
- GP-Pro EX V4.09.250 and prior
- AccuSine PCS+ / PFV+ (Versions prior to V1.6.7)
- AccuSine PCSn (Versions prior to V2.2.4)
- Programmable Automation Controller (PacDrive) M, all versions
- SHFK-MT-104 Control Panels (see security notification for more details)
- Modicon X80 BMXNOR0200H RTU SV1.70 IR22 and prior
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Sensitive information disclosure
- Remote code execution
Best practice and Recommendations:
The CERT team encourages users to review Schneider Electric security advisory and apply the necessary updates:
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-01
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-02
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-03
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-05
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-07
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-08
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-159-05
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2020-353-02
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2020-353-01
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2020-315-01
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2020-343-03
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2020-343-04