Schneider Electric Authenticated Communication Risk Vulnerability
Low Risk | ICS-CERT ICSA-13-016-01 | Oct 20, 2013
Summary
Schneider Electric engineering and runtime software products contain an authenticated communication risk in which the authentication mechanism may fail to properly validate communications between engineering workstations and control systems. The affected products include Unity Pro (all versions 5.0 through 6.1), Vijeo Designer (versions 5.0 through 6.1), SoMachine (v1.2.1), SESU (versions 1.0–1.1), IDS (versions 1.0–2.0), PowerSuite (v2.5), Web Gate Client Files (v5.1), and multiple Smart Widget components. An attacker with valid engineering credentials could exploit this flaw to bypass authentication checks and perform unauthorized actions on affected systems.
What this means
What could happen
An attacker with valid engineering credentials could bypass authentication checks in communications between engineering workstations and Schneider Electric control systems, potentially allowing unauthorized configuration changes or access to sensitive process data.
Who's at risk
Power generation and distribution utilities using Schneider Electric engineering and runtime software products are affected. This covers organizations using Unity Pro for PLC programming, Vijeo Designer for HMI development, SoMachine for automation, as well as SESU, IDS, PowerSuite, Web Gate Client Files, and the associated Smart Widget components (Acti 9, H8035, H8036, PM201, PM710, PM750) used for power monitoring. Any organization relying on these Schneider Electric products for process automation or energy management should evaluate its exposure.
How it could be exploited
An attacker with valid engineering workstation credentials sends specially crafted authenticated commands to a Schneider Electric engineering tool or runtime system (Unity Pro, Vijeo Designer, SoMachine, etc.). The authentication mechanism fails to properly validate the communication, allowing the attacker to perform unauthorized actions such as modifying controller logic or accessing configuration data.
Prerequisites
- Valid engineering workstation credentials
- Network access to the affected Schneider Electric software or device
- Affected Schneider Electric product installed (engineering station or runtime)
Tags: no patch available · valid credentials required for exploitation · affects engineering/configuration access
Exploitability
Moderate exploit probability (EPSS 1.5%)
Affected products (18), all End of Life (EOL)

Product | Affected versions | Fix status
Unity Pro | V0_L_M_S_XL_XLS | No fix (EOL)
Unity Pro | V5.0_L_M_S_XL | No fix (EOL)
Unity Pro | V6.0_L_M_S_XL | No fix (EOL)
Unity Pro | V6.1_L_M_S_XL | No fix (EOL)
Vijeo Designer | 5.0.0.x, 5.1.0.x, 6.0.x, 6.1.0.x | No fix (EOL)
Vijeo Designer Opti | 5.0.0.x, 5.1.0.x, 6.0.x | No fix (EOL)
SoMachine | V1.2.1 | No fix (EOL)
SESU | 1.0.x, 1.1.x | No fix (EOL)
IDS | 1.0, 2.0 | No fix (EOL)
PowerSuite | 2.5 | No fix (EOL)
Web Gate Client Files | V5.1.x | No fix (EOL)
Spacail.pro | V1.0.0.x | No fix (EOL)
Smart Widget Acti 9 | V1.0.0.0 | No fix (EOL)
Smart Widget H8035 | V1.0.0.0 | No fix (EOL)
Smart Widget H8036 | V1.0.0.0 | No fix (EOL)
Smart Widget PM201 | V1.0.0.0 | No fix (EOL)
Smart Widget PM710 | V1.0.0.0 | No fix (EOL)
Smart Widget PM750 | V1.0.0.0 | No fix (EOL)
Remediation & Mitigation

Do now (hardening)
- Restrict network access to engineering workstations running Unity Pro, Vijeo Designer, SoMachine, or other affected Schneider Electric tools to authorized engineering staff only.
- Implement firewall rules that limit communication between engineering stations and control systems to the ports and protocols actually required.

Schedule (requires a maintenance window)
- Monitor for unauthorized access attempts to engineering stations and for suspicious configuration changes in affected systems.
- Review and audit recent configuration changes to Unity Pro, Vijeo Designer, SoMachine, and the other affected products for unauthorized modifications.

Mitigations (no patch available)
The following products have reached End of Life with no planned fix: Unity Pro (V0_L_M_S_XL_XLS, V5.0_L_M_S_XL, V6.0_L_M_S_XL, V6.1_L_M_S_XL), Vijeo Designer (5.0.0.x, 5.1.0.x, 6.0.x, 6.1.0.x), Vijeo Designer Opti (5.0.0.x, 5.1.0.x, 6.0.x), SoMachine (V1.2.1), SESU (1.0.x, 1.1.x), IDS (1.0, 2.0), PowerSuite (2.5), Web Gate Client Files (V5.1.x), Spacail.pro (V1.0.0.x), and Smart Widget Acti 9, H8035, H8036, PM201, PM710, and PM750 (all V1.0.0.0). Apply the following compensating control:
- Enforce strong access controls and multi-factor authentication for engineering workstation accounts where possible.
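The firewall allow-listing and the monitoring items above reduce to one question per session: is a host that is supposed to be an engineering station talking to a controller it is allowed to program, at a time when changes are expected? The script below is an added example, not code from the advisory or from Schneider Electric. It runs a small allow-list and maintenance-window policy over a constructed connection log. The log format, IP addresses, maintenance window, and the use of Modbus/TCP port 502 are assumptions about a hypothetical deployment; function code 0x5A (90) is the code Schneider's UMAS engineering protocol uses inside Modbus/TCP, the other codes listed are the standard Modbus write functions.

```python
"""Allow-list and change-window check for engineering-station to controller traffic.

Added example, not part of the advisory. Hosts, ports, window and the log
format are constructed for illustration.
"""
from dataclasses import dataclass
from datetime import datetime, time
import re

# Constructed sample lines, in the shape a Modbus-aware firewall or IDS might emit.
SAMPLE_LOG = """\
2013-10-21T09:12:04 src=10.10.5.21 dst=10.10.7.10 proto=tcp dport=502 fc=3
2013-10-21T09:12:09 src=10.10.5.21 dst=10.10.7.10 proto=tcp dport=502 fc=90
2013-10-21T14:30:11 src=10.10.5.77 dst=10.10.7.10 proto=tcp dport=502 fc=90
2013-10-21T02:15:40 src=10.10.5.22 dst=10.10.7.11 proto=tcp dport=502 fc=16
2013-10-21T10:05:00 src=10.10.5.22 dst=10.10.7.11 proto=tcp dport=502 fc=4
2013-10-21T10:06:30 src=10.10.9.3 dst=10.10.5.21 proto=tcp dport=3389 fc=-
"""

ENGINEERING_STATIONS = {"10.10.5.21", "10.10.5.22"}   # assumed allow-list
CONTROLLERS = {"10.10.7.10", "10.10.7.11"}            # assumed PLC addresses
MODBUS_PORT = 502                                      # assumed: Modbus/TCP
# Function codes that change controller state: standard Modbus writes plus
# 0x5A (90), which carries Schneider's UMAS engineering traffic (Unity Pro).
STATE_CHANGING_FC = {5, 6, 15, 16, 22, 23, 90}
MAINTENANCE_WINDOW = (time(8, 0), time(18, 0))         # assumed change window

LINE_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) dst=(?P<dst>\S+) proto=(?P<proto>\S+) "
    r"dport=(?P<dport>\d+) fc=(?P<fc>\S+)$"
)


@dataclass
class Alert:
    ts: str
    src: str
    dst: str
    reason: str


def parse_line(line):
    """Parse one constructed log line into a dict, or None if it does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    fc = m["fc"]
    return {
        "ts": datetime.fromisoformat(m["ts"]),
        "src": m["src"], "dst": m["dst"], "proto": m["proto"],
        "dport": int(m["dport"]),
        "fc": int(fc) if fc.isdigit() else None,   # '-' means no Modbus payload seen
    }


def in_window(ts):
    start, end = MAINTENANCE_WINDOW
    return start <= ts.time() <= end


def check_event(ev):
    """Return a reason string if the event violates the policy, else None."""
    if ev["dst"] in CONTROLLERS and ev["dport"] == MODBUS_PORT:
        # Only allow-listed engineering stations may reach a controller at all
        # (this is what the firewall rule should already enforce).
        if ev["src"] not in ENGINEERING_STATIONS:
            return "controller access from non-engineering host"
        # Even a legitimate station should not push changes outside the window.
        if ev["fc"] in STATE_CHANGING_FC and not in_window(ev["ts"]):
            return f"state-changing Modbus fc={ev['fc']} outside maintenance window"
        return None
    # Inbound sessions to the engineering station itself from anywhere else.
    if ev["dst"] in ENGINEERING_STATIONS and ev["src"] not in ENGINEERING_STATIONS:
        return f"inbound connection to engineering station on port {ev['dport']}"
    return None


def audit(log_text):
    """Run the policy over every parsable line and return the alerts in order."""
    alerts = []
    for line in log_text.splitlines():
        ev = parse_line(line)
        if ev is None:
            continue
        reason = check_event(ev)
        if reason:
            alerts.append(Alert(ev["ts"].isoformat(), ev["src"], ev["dst"], reason))
    return alerts


if __name__ == "__main__":
    for a in audit(SAMPLE_LOG):
        print(f"{a.ts} {a.src} -> {a.dst}: {a.reason}")
```

On the sample this raises three alerts: the non-allow-listed host sending UMAS to a controller, the allow-listed station writing registers at 02:15, and an RDP-style session into an engineering station from outside the engineering set. The first of these is exactly what the firewall rule above should block before it is ever logged; the other two are the cases the rule cannot express and that the audit of recent configuration changes is meant to catch.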
CVEs (1)