Schneider Electric PowerLogic PM5300 Series

Plan Patch7.5ICS-CERT ICSA-24-326-06Nov 12, 2024

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

Schneider Electric PowerLogic PM5300 series power meters contain an uncontrolled resource consumption vulnerability in their ethernet functionality. When network traffic is sent to these devices, the meters may exhaust available resources and become unresponsive, causing loss of communication to the monitoring system. This impacts the ability to collect power quality data and manage electrical system visibility. The vulnerability affects PM5320 (versions ≤2.3.8), PM5340 (versions ≤2.3.8), and PM5341 (versions ≤2.6.6).

What this means

What could happen

An attacker on the network can trigger a denial of service condition that disrupts communication with the power meter, causing loss of visibility into electrical system metrics and potentially interrupting energy management and monitoring functions.

Who's at risk

Energy sector organizations using Schneider Electric PowerLogic PM5320, PM5340, or PM5341 power meters for electrical monitoring and cost management should prioritize patching. These compact power meters are commonly deployed in utility substations, distribution facilities, and industrial plants for real-time energy consumption tracking and network-based reporting.

How it could be exploited

An attacker with network access to the power meter's ethernet port can send specially crafted network requests that exhaust the device's resources (CWE-400: Uncontrolled Resource Consumption), causing the meter to become unresponsive and stop communicating with the monitoring system.

Prerequisites

Network access to port 502 (Modbus TCP) or other ethernet service ports on the power meter
No authentication required

remotely exploitableno authentication requiredlow complexityaffects power monitoring systems

Exploitability

Low exploit probability (EPSS 0.3%)

Affected products (3)

3 with fix

ProductAffected VersionsFix Status

PowerLogic PM5320≤ 2.3.82.4.0

PowerLogic PM5340≤ 2.3.82.4.0

PowerLogic PM5341≤ 2.6.62.7.0

Remediation & Mitigation

0/5

Do now

0/1

WORKAROUNDRestrict network access to the power meter's ethernet ports to only authorized monitoring and management systems using firewall rules

Schedule — requires maintenance window

0/3

Patching may require device reboot — plan for process interruption

PowerLogic PM5320

HOTFIXUpgrade PowerLogic PM5320 to firmware version 2.4.0 or later

PowerLogic PM5340

HOTFIXUpgrade PowerLogic PM5340 to firmware version 2.4.0 or later

PowerLogic PM5341

HOTFIXUpgrade PowerLogic PM5341 to firmware version 2.7.0 or later

Long-term hardening

0/1

HARDENINGSegment power meters onto a dedicated network or VLAN separate from untrusted devices and the general IT network

CVEs (1)

CVE-2024-9409

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/8426317a-51fa-4b90-825d-61129426d5cb