Schneider Electric ConneXium Network Manager Software
Monitor | 7.8 | ICS-CERT ICSA-25-107-03 | Apr 8, 2025
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary
Schneider Electric ConneXium Network Manager software contains vulnerabilities that allow unauthorized file access and privilege escalation. The software is used to configure and monitor administrable Schneider Electric devices including switches, routers, firewalls, ConneXium Wi-Fi devices, and third-party products. Exploitation could lead to sensitive data disclosure, privilege escalation via man-in-the-middle attacks, denial of service, and remote code execution on engineering workstations. The vulnerabilities are caused by improper file permissions (CWE-552) and insufficient input validation (CWE-20).
What this means
What could happen
An attacker with local access to an engineering workstation running ConneXium Network Manager could steal sensitive configuration data, escalate privileges to administrative level, or execute arbitrary code on the workstation—potentially compromising network management and control of connected Schneider Electric switches, routers, firewalls, and Wi-Fi devices.
Who's at risk
Energy utilities and industrial facilities operating Schneider Electric network infrastructure should care about this issue. This affects engineering teams and IT staff who manage ConneXium switches, routers, firewalls, and Wi-Fi access points using the Network Manager software. The vulnerability is in the management tool itself, not the network devices, so any organization using ConneXium Network Manager to configure or monitor Schneider Electric network equipment is at risk.
How it could be exploited
An attacker must have local file system access or be able to trigger user interaction (opening a malicious file or link) on a workstation where ConneXium Network Manager is installed. Once triggered, the vulnerability allows reading sensitive files outside the intended scope, leading to credential disclosure or privilege escalation. The attacker could then use stolen credentials or elevated privileges to modify network device configurations or perform man-in-the-middle attacks on management traffic.
Prerequisites
- Local access to the engineering workstation or ability to cause a user to open a malicious file
- ConneXium Network Manager software must be installed
- User interaction (e.g., file opening) may be required depending on attack variant
- no patch available
- affects engineering workstations with administrative access
- could enable privilege escalation to network infrastructure control
- sensitive data disclosure risk (credentials, device configurations)
Exploitability
Low exploit probability (EPSS 0.2%)
Affected products (2)
2 EOL
Product | Affected Versions | Fix Status
ConneXium Network Manager All versions | All versions | No fix (EOL)
ConneXium Network Manager v2.0.01 | 2.0.01 | No fix (EOL)
Remediation & Mitigation
Do now
- HARDENING: Isolate control system networks and remote devices behind firewalls; do not connect them directly to the business network.
- HARDENING: Place all controllers in locked cabinets and never leave them in 'Program' mode.
- HARDENING: Never connect engineering workstations running ConneXium Network Manager to any network other than the network intended for device management.
- HARDENING: Scan all removable media (CDs, USB drives) for malware before use on engineering workstations or control system networks.
- HARDENING: Prohibit personal mobile devices that have connected to other networks from accessing control system networks without proper sanitization.
- HARDENING: Minimize network exposure for all control system devices; ensure they are not reachable from the Internet.
- HARDENING: Implement physical access controls to prevent unauthorized personnel from accessing engineering workstations.
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
- HARDENING: For required remote access to engineering workstations, use a Virtual Private Network (VPN) and keep VPN software updated to the latest version.
CVEs (2)