Schneider Electric Power Logic

Plan Patch8.8ICS-CERT ICSA-25-028-02Jan 28, 2025

Attack VectorNetwork

Auth RequiredLow

ComplexityLow

User InteractionNone needed

Summary

Schneider Electric Power Logic HDPM6000 firmware versions 0.62.7 and earlier contain two vulnerabilities (CVE-2024-10497 and CVE-2024-10498) affecting HTTPS and Modbus protocol handlers. Successful exploitation could allow an authenticated attacker to modify configuration data or cause denial-of-service conditions on the web interface functionality, potentially disrupting monitoring and control of electrical distribution operations.

What this means

What could happen

An attacker with network access and valid credentials could modify configuration data on the Power Logic HDPM6000 or disrupt the web interface, affecting visibility and control of electrical distribution monitoring and protection functions.

Who's at risk

Energy utilities and industrial facilities relying on Schneider Electric Power Logic HDPM6000 devices for electrical power monitoring, distribution automation, and protection. Affected installations include power metering, load management, and grid monitoring systems in substations and large facilities.

How it could be exploited

An attacker on the network segment sends authenticated requests to the HTTPS or Modbus interface of the HDPM6000. The attacker exploits a buffer overflow or privilege issue to modify device data or cause the interface to become unavailable, potentially disrupting monitoring of power flows or settings.

Prerequisites

Network access to the HDPM6000 via HTTPS (port 443) or Modbus (port 502)
Valid user credentials for the Power Logic web interface
Device running firmware version 0.62.7 or earlier

remotely exploitablerequires valid credentialsauthentication requiredno patch available for all affected versionsaffects critical monitoring infrastructure

Exploitability

Low exploit probability (EPSS 0.1%)

Affected products (2)

2 pending

ProductAffected VersionsFix Status

Schneider Electric Power Logic: v0.62.7v0.62.7No fix yet

Schneider Electric Power Logic: <=v0.62.7≤ v0.62.7No fix yet

Remediation & Mitigation

0/4

Do now

0/2

WORKAROUNDRestrict HTTPS access to the HDPM6000 to the local network segment only using firewall rules

WORKAROUNDRestrict Modbus protocol access to the HDPM6000 to the local network segment only using firewall rules

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate HDPM6000 firmware to version v0.62.11 or newer

Long-term hardening

0/1

HARDENINGImplement network segmentation to limit access to the HDPM6000 management segment

CVEs (2)

CVE-2024-10497 CVE-2024-10498

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/3495dbe0-5499-40d8-919e-050f376f622e