Claroty’s an industry-level cybersecurity specialists firm reported the finding of two severe vulnerabilities present in PowerLogic smart meters, developed by Schneider Electric. This is a solution used by public and private organizations worldwide, mainly at industrial environments, medical centers and data centers.
The report mentions that experts found that some of these PowerLogic meters (from the ION and PM series) could be exposed to exploiting detected flaws, allowing remote threat actors to send specially designed TCP packets to the target system.
Through its enterprise blog, Claroty explains that these smart meters communicate between each other using a proprietary ION protocol over TCP port 7700, and packets received by the device are analyzed by a state machine function: “We discover that it is possible to trigger this flaw during the packet analysis process by using the main state machine function by sending a specially designed request. This is possible without authentication because the request is fully scanned before authentication is performed.”
Experts claim to have identified two different operating paths, depending on the architecture of the target device and its security settings. Both scenarios received different exploit tracker IDs: “The first flaw, tracked as CVE-2021-22714, allows malicious hackers to cause the meter to restart arbitrarily, in a kind of denial of service (DoS) attack,” the experts mention.
On the other hand, the vulnerability tracked as CVE-2021-22713 was described as a forced reboot of the device and is considered a high severity error.
Flaws are present in various PowerLogic ION models and in a single PowerLogic PM model. It should be noted that the first updates to fix these bugs were released in June 2020, while the rest were barely released this week. Some of the affected smart meters do not support these updates, so they will not receive additional support.
Vulnerabilities affecting smart meters are known to pose a risk to both consumers and utilities, so it is important that users of affected Schneider Electric products install official updates as soon as possible. To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.
