ProSoft Configurator for Modicon PMEPXM0100 (H)
Plan Patch7.3SEVD-2020-042-01Feb 11, 2020
Attack VectorLocal
Auth RequiredLow
ComplexityLow
User InteractionRequired
Summary
ProSoft Configurator v1.002 and earlier contains an unsafe library loading vulnerability (CWE-427) that allows a local, low-privileged user to execute arbitrary code on an engineering workstation. This could occur when the Configurator loads external libraries or DLL files from locations an attacker can write to, such as the current working directory or shared paths.
What this means
What could happen
A local attacker with low privileges on an engineering workstation could execute arbitrary code with high severity impact on the Modicon M580 Profibus DP master module, potentially compromising the ability to monitor or control Profibus-attached devices in the network.
Who's at risk
Energy sector organizations operating Schneider Electric Modicon M580 Profibus DP master modules (PMEPXM0100). This affects engineering teams and technicians who use ProSoft Configurator for module configuration, commissioning, and maintenance. The risk is primarily local to engineering workstations rather than remote plant floor devices.
How it could be exploited
An attacker with non-administrative privileges on an engineering workstation running ProSoft Configurator could exploit an unsafe library load or DLL injection vulnerability (CWE-427) to execute arbitrary code in the context of the Configurator application. This could occur via a specially crafted file or directory in a location the Configurator searches during runtime.
Prerequisites
- Non-administrative user account on an engineering workstation
- ProSoft Configurator v1.002 or earlier installed
- User interaction required (e.g., opening a file or project)
Low-complexity attackUnsafe library loading (CWE-427)Affects engineering/configuration softwareUser interaction requiredLocal access only
Exploitability
Low exploit probability (EPSS 0.2%)
Affected products (1)
ProductAffected VersionsFix Status
ProSoft Configurator v1.002 and prior≤ 1.0021.003
Remediation & Mitigation
0/3
Do now
0/1HARDENINGRestrict file system write permissions on the engineering workstation to prevent unprivileged users from placing malicious libraries in directories searched by ProSoft Configurator
Schedule — requires maintenance window
0/1Patching may require device reboot — plan for process interruption
HOTFIXUpgrade ProSoft Configurator to version 1.003 or later
Long-term hardening
0/1HARDENINGLimit engineer and technician access to only the personnel who require it, enforcing non-administrative user roles where possible
CVEs (1)
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/4580e48b-1db4-49be-abb8-357261ea6a9e