Schneider Electric Wiser Home Automation
Priority: Act Now
Severity score: 9.8
Source: ICS-CERT ICSA-25-153-01
Published: Jun 3, 2025
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary
Wiser AvatarOn 6K Freelocate and Wiser Cuadro H 5P Socket devices contain a buffer overflow vulnerability (CWE-120) that allows unauthenticated remote code injection or authentication bypass. The vulnerability affects all versions of both products. Both products have reached end-of-life status and will not receive security patches. Successful exploitation allows an attacker to inject code or bypass authentication controls.
What this means
What could happen
An attacker could inject malicious code or bypass authentication on affected Wiser home automation devices, potentially allowing them to take control of the Zigbee network and alter connected devices, sensors, or controls in an energy facility.
Who's at risk
Energy sector operators using Schneider Electric Wiser home automation devices for facility management and control. Specifically affects organizations using the Wiser AvatarOn 6K Freelocate or Wiser Cuadro H 5P Socket for HVAC, lighting, or other building system automation.
How it could be exploited
An attacker with network access to the Wiser devices (either directly or via a compromised network) could send specially crafted packets to trigger the buffer overflow or the authentication bypass, gaining code execution on the device without credentials.
Prerequisites
- Network access to the affected Wiser device or the Zigbee network it operates on
- Device must be running a vulnerable version (all versions affected)
- Device must be reachable over the network from the attacker's position
Tags: remotely exploitable, no authentication required, low complexity, no patch available, end-of-life products, affects home/building automation control
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (2)
2 EOL
Product | Affected Versions | Fix Status
Wiser AvatarOn 6K Freelocate (vers:all/*) | All versions | No fix (EOL)
Wiser Cuadro H 5P Socket (vers:all/*) | All versions | No fix (EOL)
Remediation & Mitigation
Do now
WORKAROUND: Disable firmware updates in the Zigbee Trust Center on affected Wiser devices
HARDENING: Isolate the Zigbee network containing affected devices from the business network and restrict Internet access
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
HOTFIX: Remove Wiser AvatarOn 6K Freelocate and Wiser Cuadro H 5P Socket devices from service and replace with supported products
Mitigations - no patch available
The following products have reached End of Life with no planned fix: Wiser AvatarOn 6K Freelocate (vers:all/*), Wiser Cuadro H 5P Socket (vers:all/*). Apply the following compensating controls:
HARDENING: Subscribe to Schneider Electric security notifications for updates on affected products and remediation plans
CVEs (1)