Schneider Electric PowerLogic PM5300 Series

Plan Patch | CVSS 7.5 | ICS-CERT ICSA-24-326-06 | Nov 12, 2024
Schneider Electric | Energy
Attack path
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

Schneider Electric PowerLogic PM5300 series power meters with ethernet functionality contain a denial-of-service vulnerability (CWE-400) in request handling. The vulnerability allows an attacker on the network to send requests that consume excessive resources, causing the meter to become unresponsive and lose communication. Affected models: PM5320 (versions up to 2.3.8), PM5340 (versions up to 2.3.8), and PM5341 (versions up to 2.6.6). Loss of communication to these meters disrupts energy cost management and network monitoring functions.

What this means
What could happen
An attacker on the network can flood the PowerLogic PM5300 series meters with requests, causing them to become unresponsive and lose communication with your monitoring and control systems. This disrupts visibility into power consumption and can prevent energy management operations.
Who's at risk
Energy utilities and facilities with PowerLogic PM5320, PM5340, or PM5341 power meters deployed for energy monitoring and management. These meters are commonly used in electrical distribution, demand monitoring, and power quality applications in utilities, data centers, and industrial facilities.
How it could be exploited
An attacker with network access to the ethernet port of the PM5320, PM5340, or PM5341 meter can send a large volume of specially crafted requests. The meter does not properly handle the resource consumption, becoming overwhelmed and ceasing to respond to legitimate monitoring commands from your SCADA or energy management system.
Prerequisites
  • Network access to the ethernet port of the affected power meter
  • No authentication required
Tags: remotely exploitable, no authentication required, low complexity, affects energy monitoring systems
Exploitability
Unlikely to be exploited — EPSS score 0.3%
Affected products (3)
3 with fix
Product | Affected Versions | Fix Status
PowerLogic PM5320 | ≤ 2.3.8 | 2.4.0
PowerLogic PM5340 | ≤ 2.3.8 | 2.4.0
PowerLogic PM5341 | ≤ 2.6.6 | 2.7.0
Remediation & Mitigation
Do now
WORKAROUND: Restrict network access to the ethernet ports of PM5300 series meters using firewall rules or network segmentation; allow only trusted management systems and SCADA servers
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

PowerLogic PM5320
HOTFIX: Update PowerLogic PM5320 to firmware version 2.4.0 or later
PowerLogic PM5340
HOTFIX: Update PowerLogic PM5340 to firmware version 2.4.0 or later
PowerLogic PM5341
HOTFIX: Update PowerLogic PM5341 to firmware version 2.7.0 or later
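
To decide which meters go into the maintenance window, the fix versions listed above can be checked against an asset inventory. The following Python script is an added example, not part of the advisory or any Schneider Electric tooling; the inventory hostnames and firmware strings are constructed, and it assumes any version below the listed fix is still vulnerable.

```python
import re

# First fixed firmware per model, from the advisory's affected-products table.
FIXED_IN = {
    "PM5320": (2, 4, 0),
    "PM5340": (2, 4, 0),
    "PM5341": (2, 7, 0),
}


def parse_version(text):
    """Turn '2.3.8' or 'v2.4' into a 3-tuple; return None if it is not dotted integers."""
    text = text.strip().lstrip("vV")
    if not re.fullmatch(r"[0-9]+(?:\.[0-9]+)*", text):
        return None
    nums = [int(p) for p in text.split(".")]
    # Pad short versions so '2.4' compares equal to '2.4.0'.
    return tuple(nums + [0] * (3 - len(nums)))


def triage(model, firmware):
    """Classify one meter as 'vulnerable', 'fixed', 'not-listed' or 'unknown-version'."""
    fixed = FIXED_IN.get(model.strip().upper())
    if fixed is None:
        return "not-listed"          # model is not named in this advisory
    version = parse_version(firmware)
    if version is None:
        return "unknown-version"     # handle as unpatched until read from the device
    # Assumption: anything below the fix version is treated as vulnerable.
    return "fixed" if version >= fixed else "vulnerable"


# Constructed sample inventory: (hostname, model, reported firmware).
INVENTORY = [
    ("meter-sub1", "PM5320", "2.3.8"),
    ("meter-sub2", "PM5340", "2.4.0"),
    ("meter-dc01", "PM5341", "v2.6.6"),
    ("meter-dc02", "PM5341", "2.7"),
    ("meter-lab1", "PM5310", "1.0.0"),
    ("meter-lab2", "PM5320", "n/a"),
]


def report(inventory):
    """Map each hostname to its triage status."""
    return {host: triage(model, fw) for host, model, fw in inventory}


if __name__ == "__main__":
    for host, status in report(INVENTORY).items():
        print(f"{host:12} {status}")
```

Meters reported as vulnerable or unknown-version are the ones to keep behind the network restriction from the workaround until they are updated.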