Schneider Electric OFS Buffer Overflow Vulnerability
Low Risk | ICS-CERT ICSA-14-058-02 | Nov 30, 2014
Summary
Schneider Electric OFS modules version 3.35 contain a stack-based buffer overflow (CWE-121) that could allow local or network-based attackers to execute arbitrary code. Affected products include TLXCDSUOFS33, TLXCDSTOFS33, TLXCDLUOFS33, TLXCDLTOFS33, and TLXCDLFOFS33. No vendor patch is currently available.
What this means
What could happen
A buffer overflow in Schneider Electric OFS modules could allow an attacker with local or network access to execute code on the device, potentially disrupting energy distribution control logic or causing equipment malfunction.
Who's at risk
Energy utilities running Schneider Electric OFS (OpenField Server) modules version 3.35, particularly those used in SCADA systems or distributed control architectures for generation, transmission, or distribution operations.
How it could be exploited
An attacker would need to send a specially crafted input to the OFS module (either locally or over the network, depending on network topology) that overflows a buffer in memory, allowing them to inject and execute arbitrary code on the affected device.
Prerequisites
- Network or local access to the OFS module
- Knowledge of the buffer overflow vulnerability and ability to craft malicious input
- Device must be running firmware version 3.35
- No patch available
- Buffer overflow vulnerability (code execution capable)
- Affects energy sector critical infrastructure
- Local or network exploitable depending on deployment
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (5)
5 EOL
| Product | Affected Versions | Fix Status |
|---|---|---|
| TLXCDSUOFS33: 3.35 | 3.35 | No fix (EOL) |
| TLXCDSTOFS33: 3.35 | 3.35 | No fix (EOL) |
| TLXCDLUOFS33: 3.35 | 3.35 | No fix (EOL) |
| TLXCDLTOFS33: 3.35 | 3.35 | No fix (EOL) |
| TLXCDLFOFS33: 3.35 | 3.35 | No fix (EOL) |
Remediation & Mitigation
Do now
- HARDENING: Isolate affected OFS modules from untrusted network segments using firewall rules or network segmentation
- HARDENING: Restrict network and local access to OFS modules to authorized personnel and systems only
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
- HARDENING: Monitor OFS module logs and network traffic for suspicious activity or exploitation attempts
- WORKAROUND: Contact Schneider Electric technical support to determine if a firmware update or workaround is available for your specific deployment
CVEs (1)