OTPulse
FeedAboutContact

Schneider Electric Software Update (SESU) (Update A)

Plan Patch7.8ICS-CERT ICSA-18-305-02Nov 1, 2018
Attack VectorLocal
Auth RequiredLow
ComplexityLow
User InteractionNone needed
Summary

Schneider Electric Software Update (SESU) versions before 2.2.0 contain a local privilege escalation vulnerability (CWE-427: Untrusted Search Path) that allows an attacker with local access to execute arbitrary code. The vulnerability is not remotely exploitable and requires the attacker to already have interactive access to a system running SESU.

What this means
What could happen
An attacker with local access to a system running SESU could execute arbitrary code and compromise the tool used to manage and update Schneider Electric control systems, potentially affecting the integrity of automation configurations.
Who's at risk
Energy sector organizations using Schneider Electric Software Update (SESU) for managing industrial control systems and programmable logic controllers (PLCs). This affects system integrators and utilities that rely on SESU for automation configuration and maintenance.
How it could be exploited
An attacker with local access to a workstation running SESU could exploit a local privilege escalation vulnerability (CWE-427: Untrusted Search Path) to run arbitrary code. This requires the attacker to have already gained interactive access to the machine where SESU is installed.
Prerequisites
  • Local interactive access to a system running SESU version 2.1.x or earlier
  • Low-level user privileges (vulnerability allows escalation to higher privileges)
Low complexity local privilege escalationRequires prior local accessAffects engineering/maintenance tools used to configure safety-critical systemsNo known public exploit availableNot remotely exploitable
Exploitability
Low exploit probability (EPSS 0.4%)
Affected products (1)
ProductAffected VersionsFix Status
Schneider Electric Software Update (SESU): all< 2.2.02.2.0
Remediation & Mitigation
0/5
Do now
0/3
HARDENINGRestrict physical and network access to workstations running SESU—keep programming software in locked cabinets and never connected to networks other than the intended control network
HARDENINGImplement physical controls to prevent unauthorized access to computers running SESU and control system devices
HARDENINGScan all portable media (USB drives, CDs) before connecting to SESU or control network nodes
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate Schneider Electric Software Update (SESU) to version 2.2.0 or later
Long-term hardening
0/1
HARDENINGIsolate control system engineering networks from business networks using firewalls and air-gaps
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/993eca1a-f105-4d1b-abe2-430f138f614a
Schneider Electric Software Update (SESU) (Update A) | CVSS 7.8 - OTPulse