Schneider Electric VAMPSET
Monitor | 5.6 | ICS-CERT ICSA-17-136-04 | May 16, 2017
Attack Vector: Local
Auth Required: Low
Complexity: Low
User Interaction: Required
Summary
VAMPSET tool versions below 2.2.189 are vulnerable to denial of service through malformed settings files. When a user opens a crafted settings file in VAMPSET, the application crashes or becomes unresponsive, preventing legitimate access to the tool. The vulnerability is caused by insufficient input validation (CWE-20) on file format checks. After patching, VAMPSET will safely reject malformed files and display an error message instead of crashing.
What this means
What could happen
An attacker with local access to an engineering workstation could craft a malformed settings file that causes VAMPSET to stop functioning or become unresponsive, disrupting configuration management of Schneider Electric devices.
Who's at risk
Energy sector organizations using the Schneider Electric VAMPSET configuration tool on engineering workstations. This affects personnel who manage and update settings on Schneider Electric energy management devices and controllers.
How it could be exploited
An attacker needs local or removable media access to an engineering workstation where VAMPSET is installed. They craft a malformed settings file and trick a user into opening it via VAMPSET, causing the application to crash or hang. The attacker could use this to disrupt maintenance activities or prevent legitimate operators from updating device configurations.
Prerequisites
- Local access to the engineering workstation running VAMPSET
- User interaction required: operator must open the malformed file in VAMPSET
- VAMPSET version earlier than 2.2.189
low complexity to exploit | requires user interaction | local access required | affects engineering tools and configuration management
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
| Product | Affected Versions | Fix Status |
|---|---|---|
| VAMPSET | < 2.2.189 | 2.2.189 |
Remediation & Mitigation
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
- HOTFIX: Upgrade VAMPSET to version 2.2.189 or later
Long-term hardening
- HARDENING: Restrict physical and removable media access to workstations running VAMPSET configuration tools
- HARDENING: Train operators to be cautious about opening settings files from untrusted sources
CVEs (1)