Critical vulnerabilities found in Schneider Electric Systems

A report prepared by specialists from the Russian firm Rostelecom Solar describes several vulnerabilities, some of them critical, in Schneider Electric’s industrial equipment used to control power systems.

Researchers analyzed the security of the integrated controller software for the automation of Schneider Electric Easergy T300 transformer substations and of the Schneider Electric Easergy Builder software (sold separately), which is used for equipment configuration.

Some affected users indicate that reported vulnerabilities might affect their network deployments, although Schneider has not detailed potential risk scenarios.

According to the researchers, the Easergy T300 web server is highly vulnerable to cross-site request forgery (XSRF) attacks, which can lead to incorrect controller configuration and eventually to cybersecurity incidents. In addition, the controller is exposed to denial of service (DoS) attacks due to an unpatched vulnerability, and encryption issues were discovered on the device that could expose private encryption keys and login credentials for user accounts.

A threat actor who exploits some of these flaws could gain full control of vulnerable devices.

Schneider Electric issued a statement saying it worked with the researchers to correct these flaws. The vulnerabilities were fixed in the most recent device update, so administrators of affected deployments should update promptly.
