Schneider Electric EcoStruxure IT Gateway
Priority: Act Now | CVSS 9.8 | ICS-CERT ICSA-24-326-05 | Nov 12, 2024
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary
A critical vulnerability exists in EcoStruxure IT Gateway that allows remote, unauthenticated attackers to gain unauthorized access and control of the device or retrieve sensitive information. The Gateway is part of the EcoStruxure IT platform, which collects data from IT infrastructure devices and transmits it to the cloud for analysis and management. Versions 1.21.0.6, 1.22.0.3, 1.22.1.5, and 1.23.0.4 are affected. Exploitation could allow an attacker to intercept, modify, or steal data in transit to the cloud platform.
What this means
What could happen
An attacker could remotely take control of the EcoStruxure IT Gateway without authentication, allowing them to intercept or modify data flowing from your IT infrastructure to the cloud, or extract sensitive information about your connected devices and systems.
Who's at risk
Energy sector operators and IT infrastructure managers who use Schneider Electric's EcoStruxure IT Gateway to monitor and manage data center, facility management, or building automation systems. This affects organizations using the gateway as a cloud-connect bridge for IT infrastructure devices.
How it could be exploited
An attacker with network access to the vulnerable Gateway can send a specially crafted request without providing any credentials. Because the Gateway fails to properly validate access, the attacker can execute commands on the device or read sensitive data from it directly.
Prerequisites
- Network access to the EcoStruxure IT Gateway
- No authentication required
Key points
- Remotely exploitable
- No authentication required
- Low complexity
- Critical severity (CVSS 9.8)
- Affects cloud connectivity for IT infrastructure monitoring
Exploitability
Low exploit probability (EPSS 0.3%)
Affected products (1)
Product | Affected Versions | Fix Status
EcoStruxure™ IT Gateway | 1.21.0.6; 1.22.0.3; 1.22.1.5; 1.23.0.4 | Fixed in 1.23.1.10
Remediation & Mitigation
Do now
- HARDENING: Enable automatic updates on EcoStruxure IT Gateway to receive security patches promptly
Schedule (requires maintenance window)
- Patching may require a device reboot; plan for process interruption
- HOTFIX: Update EcoStruxure IT Gateway to version 1.23.1.10 or later
CVEs (1)