BINOM3 Electric Power Quality Meter (Update A)

Act NowCVSS 10ICS-CERT ICSA-17-031-01AJan 31, 2017

Energy

Attack path

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

BINOM3 Universal multifunctional electric power quality meter (all versions) contains multiple critical vulnerabilities including cross-site scripting (CWE-79), broken access control (CWE-284), missing CSRF protection (CWE-352), information disclosure (CWE-200), and use of hardcoded credentials (CWE-259). These vulnerabilities allow unauthenticated remote attackers with network access to execute arbitrary commands, bypass authentication, access sensitive data, and modify meter configuration. No vendor patch is planned—end-of-life status applies to all versions.

What this means

What could happen

An attacker with network access to the power meter can gain full control of the device through multiple vulnerabilities, potentially altering power quality measurements, disabling logging, or accessing sensitive configuration data. This could lead to incorrect billing, loss of operational visibility, and inability to detect power system problems.

Who's at risk

Electric utilities and water authorities that deploy BINOM3 power quality meters for system monitoring and billing. Any facility using this universal multifunctional meter model for power analysis, load profiling, or power factor correction oversight is at risk.

How it could be exploited

An attacker can reach the power meter over the network (port 80 or web interface) without any credentials. Multiple vulnerabilities—including cross-site scripting (CWE-79), weak access controls (CWE-284), and hardcoded credentials (CWE-259)—can be chained to execute arbitrary commands on the meter and modify its behavior or data.

Prerequisites

Network access to the power meter's web interface (typically port 80/443)
No authentication required for initial exploitation
Meter must be connected to your network or accessible from an attacker's network position

remotely exploitableno authentication requiredlow complexityhigh EPSS score (60.1%)no patch availabledefault credentials

Exploitability

Likely to be exploited — EPSS score 60.1%

Metasploit module available — weaponized exploitView module ↗

Affected products (1)

ProductAffected VersionsFix Status

power meters: Universal multifunctional electric power quality meterAll versionsNo fix (EOL)

Remediation & Mitigation

0/5

Do now

0/3

HARDENINGIsolate the power meter on a separate monitoring network (VLAN) and restrict network access using firewall rules to allow only authorized monitoring and configuration systems to communicate with it

WORKAROUNDDisable or restrict access to the web interface (port 80/443) from untrusted networks or completely disable web access if not required for operations

HARDENINGImplement network segmentation so the power meter cannot communicate directly with control systems, safety systems, or internet-facing networks

Schedule — requires maintenance window

0/2

Patching may require device reboot — plan for process interruption

HARDENINGMonitor the power meter for unauthorized access attempts and unexpected configuration changes

HOTFIXReplace the affected power meter with a newer model from the vendor that includes security fixes, or pursue alternative power quality monitoring solutions

CVEs (5)

CVE-2017-5164 CVE-2017-5162 CVE-2017-5165 CVE-2017-5166 CVE-2017-5167

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/ddf93ae4-3d01-4f16-92d2-9f90eee8eafc

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.