OTPulse

Carlo Gavazzi Powersoft

Monitor | CVSS 7.5 | ICS-CERT ICSA-23-138-01 | May 18, 2023
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

A path traversal vulnerability in Carlo Gavazzi Powersoft versions 2.1.1.1 and earlier allows an attacker to access and retrieve arbitrary files from the server without authentication. The vulnerability exists in the file handling mechanism and could expose sensitive system files, configuration data, or credentials. Carlo Gavazzi has declared this product end-of-life and will not issue a fix.

What this means
What could happen
An attacker with network access to the Powersoft server could download arbitrary files, potentially including sensitive configuration data, user credentials, or engineering parameters critical to energy system operation.
Who's at risk
Energy sector organizations using Carlo Gavazzi Powersoft for SCADA, power monitoring, or energy management systems. This affects any site where the Powersoft server is deployed for monitoring or control of generation, transmission, distribution, or facility-level power systems.
How it could be exploited
An attacker on the network sends HTTP requests to the Powersoft server exploiting a path traversal flaw (CWE-22) to access files outside the intended directory. No authentication or user interaction is required; the attacker can retrieve files directly by crafting directory traversal sequences in the request path.
Prerequisites
  • Network access to the Powersoft server (typically port 80/443)
  • Server is reachable from the attacker's network segment (internal or remote)
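
Added example (not part of the advisory or any vendor tooling): a log review that flags requests whose path contains a traversal segment after repeated percent-decoding, plus any request from a host outside an allowlist. The allowlist range, the Common Log Format layout and the sample lines are assumptions constructed for illustration.

```python
import re
from ipaddress import ip_address, ip_network
from urllib.parse import unquote

# Assumption: constructed range standing in for authorized engineering workstations.
ALLOWED_SOURCES = [ip_network("10.20.30.0/28")]
# Assumption: Common Log Format lines from the web server or a proxy in front of it.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3}) ')

def normalize(target, max_rounds=3):
    """Percent-decode the request path repeatedly (double encoding), unify slashes."""
    path = target.split("?", 1)[0]
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path.replace("\\", "/")

def has_traversal(target):
    """True when any path segment is exactly '..' after normalization."""
    return ".." in normalize(target).split("/")

def review(lines):
    """Return one finding per request that traverses or comes from an unlisted host."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        src, _method, target, status = m.groups()
        allowed = any(ip_address(src) in net for net in ALLOWED_SOURCES)
        traversal = has_traversal(target)
        if traversal or not allowed:
            findings.append({"src": src, "target": target, "status": int(status),
                             "traversal": traversal, "allowed_source": allowed})
    return findings

# Constructed sample log lines (not taken from a real Powersoft server).
SAMPLE = [
    '10.20.30.5 - - [18/May/2023:10:00:00 +0000] "GET /index.html HTTP/1.1" 200 512',
    '10.20.30.5 - - [18/May/2023:10:00:05 +0000] "GET /reports/..%2f..%2fexample.cfg HTTP/1.1" 200 1024',
    '192.0.2.44 - - [18/May/2023:10:01:00 +0000] "GET /reports/%252e%252e%255cexample.cfg HTTP/1.1" 404 0',
    '192.0.2.44 - - [18/May/2023:10:02:00 +0000] "GET /reports/v1..2/notes.txt HTTP/1.1" 200 90',
]

if __name__ == "__main__":
    for f in review(SAMPLE):
        print(f)
```

A traversal request that returned status 200 is the case to triage first, since it indicates the file was served.
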
  • Remotely exploitable
  • No authentication required
  • Low complexity attack
  • No patch available (end-of-life product)
  • Path traversal flaw allows arbitrary file disclosure
  • Affects energy sector critical infrastructure
Exploitability
Low exploit probability (EPSS 0.3%)
Affected products (1)
Product | Affected Versions | Fix Status
Powersoft: <= 2.1.1.1 | 2.1.1.1 | No fix (EOL)
Remediation & Mitigation
Do now
  • HARDENING: Isolate the Powersoft system behind a firewall; restrict network access to only authorized engineering workstations and control system devices that require communication with the server
  • WORKAROUND: If remote access to Powersoft is required, deploy a VPN with current security patches and strong authentication (multi-factor if possible); ensure the VPN gateway itself is patched and hardened
  • HARDENING: Segment the network so the Powersoft server is isolated from business networks and is not reachable from the Internet
  • HARDENING: Conduct a network inventory scan to identify all instances of Powersoft in your environment and verify they are not externally accessible
Mitigations - no patch available
Powersoft: <= 2.1.1.1 has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
  • HARDENING: Evaluate feasibility of replacing Powersoft with a supported, actively maintained product from Carlo Gavazzi or a competitor
Carlo Gavazzi Powersoft | CVSS 7.5 - OTPulse