SCADAPack x70 Remote Connect and SCADAPack x70 Security Administrator

Plan Patch7.8SEVD-2020-252-01Sep 8, 2020

Attack VectorLocal

Auth RequiredNone

ComplexityLow

User InteractionRequired

Summary

Multiple vulnerabilities in SCADAPack x70 Remote Connect and SCADAPack x70 Security Administrator allow local attackers with low privileges to compromise system security through improper path handling, weak access controls, and insecure deserialization. Affects versions Remote Connect V3.6.3.574 and prior, and Security Administrator V1.2.0 and prior.

What this means

What could happen

An attacker with local access to a workstation running these applications could bypass authentication and authorization controls, read sensitive configuration files, or execute arbitrary code to modify SCADA system settings and device configurations.

Who's at risk

Operators of Schneider Electric SCADA systems using SCADAPack x70 platforms, particularly energy utilities and power distribution systems that rely on Remote Connect for remote device management or Security Administrator for access control management. Affects engineering workstations and SCADA management consoles.

How it could be exploited

An attacker with physical or local network access to a workstation running Remote Connect or Security Administrator could exploit path traversal vulnerabilities to access restricted files, weak access controls to bypass authentication mechanisms, or insecure deserialization to execute arbitrary code on the system managing SCADA devices.

Prerequisites

Local or physical access to a workstation running SCADAPack x70 Remote Connect or Security Administrator
No credentials required for some vulnerabilities (user interaction may be needed to trigger the flaw)

Local or physical access required (limits but does not eliminate risk in multi-user or contractor environments)No authentication bypass for Remote Connect fix (but Security Administrator had auth issues)Low EPSS score (0.4%) suggests limited active exploitationAffects safety/control system configuration and management

Exploitability

Low exploit probability (EPSS 0.4%)

Affected products (2)

2 with fix

ProductAffected VersionsFix Status

SCADAPack x70 Security Administrator V1.2.0 and prior≤ 1.2.01.6.2

SCADAPack x70 Remote Connect V3.6.3.574 and prior≤ 3.6.3.5743.7.3.904

Remediation & Mitigation

0/4

Schedule — requires maintenance window

0/2

Patching may require device reboot — plan for process interruption

HOTFIXUpdate SCADAPack x70 Remote Connect to version 3.7.3.904 or later (available in RemoteConnect V2.4.2 package)

HOTFIXUpdate SCADAPack x70 Security Administrator to version 1.6.2 or later (available in RemoteConnect V2.4.2 package)

Long-term hardening

0/2

HARDENINGRestrict physical and network access to workstations running SCADAPack Remote Connect and Security Administrator to authorized engineering staff only

HARDENINGImplement access controls and user account restrictions on engineering workstations to limit who can run or modify these applications

CVEs (5)

CVE-2020-12525 CVE-2020-7529 CVE-2020-7530 CVE-2020-7531 CVE-2020-7532

View full Schneider Electric advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/471d447a-9199-4e73-9cba-4c4a76e355ee