OTPulse

Schneider Electric Enerlin’X IFE and eIFE

Monitor · 6.5 · ICS-CERT ICSA-25-079-02 · Feb 11, 2025
Attack Vector: Adjacent
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

Schneider Electric Enerlin'X IFE (LV434001) and eIFE (LV851001) interface modules contain input validation vulnerabilities that can cause denial of service of IEC 61850 network services. These devices enable Masterpact, PowerPact, and Compact circuit breakers to connect to Ethernet networks for remote management. An attacker with network access can trigger a crash that requires manual device reboot, temporarily disabling remote monitoring and control capabilities. The vulnerabilities affect all versions up to and including 004.009.000.

What this means
What could happen
An attacker could cause the IEC 61850 network services on your circuit breaker interface modules to stop responding, forcing a manual reboot and temporarily losing visibility and control of connected Masterpact, PowerPact, or Compact circuit breakers.
Who's at risk
Energy utilities operating Schneider Electric Masterpact, PowerPact, or Compact circuit breakers that are networked via Enerlin'X IFE or eIFE interface modules for remote monitoring and IEC 61850 protocol communications.
How it could be exploited
An attacker with access to the same network segment as the Enerlin'X IFE or eIFE device could send specially crafted input that causes the device to stop processing IEC 61850 protocol requests, effectively disabling remote monitoring and control until the device is manually rebooted.
Prerequisites
  • Network access to the Enerlin'X IFE or eIFE device on the same network segment
  • No authentication required
remotely exploitable · no authentication required · low complexity attack · affects electrical distribution equipment · no patch available for versions prior to 004.010.000
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (4)
4 with fix
Product | Affected Versions | Fix Status
Enerlin'X IFE interface (LV434001) All Versions | All versions | 004.010.000
Enerlin'X eIFE (LV851001) All Versions | All versions | 004.010.000
Enerlin'X IFE interface | ≤ 004.009.000 | 004.010.000
Enerlin'X eIFE v004.009.000 and prior | ≤ 004.009.000 | 004.010.000
Remediation & Mitigation
Do now
WORKAROUND: Configure firewall rules to block all unauthorized access to ports used by Enerlin'X IFE and eIFE (consult product user guide for port list)
HARDENING: Configure Access Control Lists according to Schneider Electric Cybersecurity Guide and product user guide
HARDENING: Ensure Enerlin'X IFE and eIFE devices are not accessible from the Internet or untrusted networks
Schedule — requires maintenance window
Patching may require device reboot; plan for process interruption

HOTFIX: Update Enerlin'X IFE and eIFE firmware to version 004.010.000 or later using the EcoStruxure Power Commission tool
Long-term hardening
HARDENING: Implement network segmentation to isolate the circuit breaker network from business networks and untrusted systems
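
An added example (not from the advisory or from Schneider Electric): a triage script that checks an asset inventory against the affected references and the fixed firmware version listed above. The CSV layout, asset names and sample rows are constructed assumptions; versions are compared numerically because a string comparison misorders values such as 4.10.1 and 004.010.000.

```python
import csv
import io
import re

# From the advisory: affected commercial references and the first fixed firmware.
AFFECTED_REFS = {"LV434001": "Enerlin'X IFE", "LV851001": "Enerlin'X eIFE"}
FIXED = (4, 10, 0)  # 004.010.000

# Constructed sample inventory; column names and rows are assumptions for this
# example (XX000000 is a made-up reference standing in for an unrelated device).
SAMPLE_INVENTORY = """asset,reference,firmware
SWBD-A-IFE1,LV434001,004.009.000
SWBD-A-IFE2,LV434001,004.010.000
SWBD-B-EIFE1,LV851001,v003.011.002
SWBD-B-EIFE2,LV851001,4.10.1
SWBD-C-IFE1,LV434001,unknown
SWBD-C-GW1,XX000000,001.000.000
"""

def parse_fw(text):
    """Parse 'NNN.NNN.NNN' (optional leading 'v') into an int tuple, else None."""
    m = re.fullmatch(r"[vV]?(\d{1,3})\.(\d{1,3})\.(\d{1,3})", text.strip())
    return tuple(int(p) for p in m.groups()) if m else None

def triage(inventory_csv):
    """Return (asset, status) for every row whose reference is in the advisory."""
    results = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        ref = row["reference"].strip().upper()
        if ref not in AFFECTED_REFS:
            continue  # not an IFE/eIFE module, out of scope
        fw = parse_fw(row["firmware"])
        if fw is None:
            status = "VERIFY"      # unreadable version: treat as unpatched until checked
        elif fw < FIXED:
            status = "VULNERABLE"  # 004.009.000 and prior
        else:
            status = "FIXED"       # 004.010.000 or later
        results.append((row["asset"], status))
    return results

if __name__ == "__main__":
    for asset, status in triage(SAMPLE_INVENTORY):
        print(f"{asset:14} {status}")
```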