Easergy T300

Act Now9.8SEVD-2020-161-04Jun 9, 2020

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

Schneider Electric's Easergy T300 grid automation platform contains multiple vulnerabilities affecting authentication, input validation, encryption, and data protection. The vulnerabilities allow an attacker with network access to the device to execute unauthorized commands, access sensitive data, and disrupt operations without valid credentials. The T300 is a substation automation platform deployed in medium-voltage (2400–69,000 VAC) substation cabinets. A free firmware update (version 2.7) is available from Schneider Electric's Customer Care Center. Customers should acquire firmware updates only from trusted sources, operate the T300 on properly segmented control networks, and secure all administrative workstations with appropriate access controls.

What this means

What could happen

An attacker with network access to the Easergy T300 substation automation device could execute multiple attacks—including unauthorized commands, data theft, and service disruption—due to multiple vulnerabilities in authentication, input validation, and encryption without needing valid credentials or user interaction.

Who's at risk

Electric utilities and grid operators managing medium-voltage substations (2400–69,000 VAC) that use Easergy T300 grid automation platforms should prioritize this update. The T300 is typically deployed in substation control cabinets and is critical to reliable grid operation.

How it could be exploited

An attacker on the same network segment as the T300 would connect directly to the device (network access required). The vulnerabilities span weak authentication, improper input validation, and insecure deserialization, allowing an attacker to bypass access controls and execute arbitrary actions on the device without legitimate credentials.

Prerequisites

Network access to the Easergy T300 (must be on same network segment or reachable via network path)
No authentication credentials required
Device running vulnerable firmware V1.8.2 or earlier

remotely exploitableno authentication requiredlow complexityaffects grid automation systemsmultiple vulnerability types (authentication, input validation, encryption)

Exploitability

Low exploit probability (EPSS 0.4%)

Affected products (1)

ProductAffected VersionsFix Status

Easergy T300 with firmware V1.8.2 and prior≤ 1.5.22.7

Remediation & Mitigation

0/4

Do now

0/1

HARDENINGEnsure firmware updates are obtained only from official Schneider Electric sources

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpgrade Easergy T300 firmware to version 2.7 or later from Schneider Electric Customer Care Center

Long-term hardening

0/2

HARDENINGSegment the control network so T300 devices are isolated from general corporate networks and untrusted systems

HARDENINGSecure all engineering workstations that have administrative access to the T300 with network access controls and credential management

CVEs (11)

CVE-2020-7503 CVE-2020-7504 CVE-2020-7505 CVE-2020-7506 CVE-2020-7507 CVE-2020-7508 CVE-2020-7509 CVE-2020-7510 CVE-2020-7511 CVE-2020-7512 CVE-2020-7513

View full Schneider Electric advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/a324982b-155a-41d5-97ad-661e3b832e3d