Schneider Electric Trio Q Licensed Data Radio

MonitorCVSS 6.8ICS-CERT ICSA-25-107-01Apr 8, 2025

Schneider ElectricEnergy

Attack path

Attack VectorPhysical

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

Schneider Electric Trio Q Licensed Data Radios contain a vulnerability that could allow an attacker with physical access to the device to disclose sensitive information, potentially leading to unauthorized access to connected SCADA systems. The Trio Q is an advanced licensed digital data radio used for Point-to-Point and Multipoint telemetry and remote SCADA communications. The vulnerability affects versions prior to 2.7.2 and impacts confidentiality, integrity, and availability of the device and systems it supports.

What this means

What could happen

An attacker with physical access to the Trio Q data radio could extract sensitive information or gain unauthorized access to SCADA systems that depend on the radio for telemetry and remote communications. Loss of confidentiality, integrity, or availability of the device could disrupt remote monitoring and control operations.

Who's at risk

Energy sector operators who deploy Schneider Electric Trio Q Licensed Data Radios for remote SCADA telemetry and point-to-point or multipoint communications should prioritize updating devices. This affects utilities and power systems that rely on licensed data radios for remote monitoring and control of distributed assets.

How it could be exploited

An attacker must have physical access to the Trio Q radio device. Once in possession of the device, they could exploit the vulnerability to access stored credentials, firmware, or configuration data that would allow them to spoof radio communications or inject commands into the connected SCADA network.

Prerequisites

Physical access to the Trio Q Licensed Data Radio device
No authentication required once physical access is gained

Affects remote SCADA communicationsNo authentication required for physical exploitationInformation disclosure leading to unauthorized network access

Exploitability

Unlikely to be exploited — EPSS score 0.2%

Affected products (1)

ProductAffected VersionsFix Status

Trio™ Q Licensed Data Radio<2.7.22.7.2

Remediation & Mitigation

0/4

Schedule — requires maintenance window

0/2

Patching may require device reboot — plan for process interruption

HOTFIXUpdate Trio Q Licensed Data Radio firmware to version 2.7.2 or later using the firmware update procedure in Section 10 Part J of the Trio Q Series Data Radio User Manual

HARDENINGVerify firmware integrity after update by comparing the installed firmware hash against the published hash in the release notes

Long-term hardening

0/2

HARDENINGInstall Trio Q data radios in physically secure locations that prevent unauthorized access by personnel

HARDENINGImplement secure decommissioning procedures for Trio Q data radios to prevent extraction of sensitive data from retired devices

CVEs (3)

CVE-2025-2440 CVE-2025-2441 CVE-2025-2442

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/9a418ef8-c823-4257-93ec-a4159259a022

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.