SoMove

Monitor | CVSS 4 | SEVD-2020-224-07 | Aug 11, 2020
Schneider Electric | Energy
Attack path
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

Schneider Electric SoMove contains an improper file permissions vulnerability (CWE-276) that allows a local attacker to read sensitive information from the application without authentication. The vulnerability affects SoMove V2.8.1 and earlier versions and is fixed in version 2.8.2.

What this means
What could happen
A local attacker could read sensitive information from the SoMove application, potentially exposing engineering data or configuration details used to control electrical equipment.
Who's at risk
Energy utilities and equipment manufacturers using SoMove (a motor control engineering application by Schneider Electric) for configuring and programming variable frequency drives and other electrical equipment should prioritize this update to prevent unauthorized disclosure of engineering configurations.
How it could be exploited
An attacker with local access to a machine running SoMove could exploit improper file permissions (CWE-276) to read files or access memory containing confidential information without needing to authenticate to the application.
Prerequisites
  • Local access to the computer running SoMove
  • SoMove V2.8.1 or earlier installed
Local access required | Improper file permissions
Exploitability
Unlikely to be exploited — EPSS score 0.1%
Affected products (1)
Product | Affected Versions | Fix Status
SoMove V2.8.1 and prior | ≤ 2.8.1 | 2.8.2
Remediation & Mitigation
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update SoMove to version 2.8.2 or later

SoMove | CVSS 4 - OTPulse