PowerLogic EGX100 and PowerLogicEGX300

Act Now9.8SEVD-2021-159-03Jun 8, 2021

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

PowerLogic EGX100 and EGX300 are communication gateway devices used to relay data between power monitoring systems and control networks. Multiple vulnerabilities exist across all versions: improper input validation (CWE-20) combined with authentication bypass (CWE-287) allow an unauthenticated network attacker to execute arbitrary code or trigger denial of service on the device, disrupting its ability to function as a communication bridge in the control system. No patch is available from Schneider Electric; mitigation relies on network isolation and access controls.

What this means

What could happen

An attacker with network access to an EGX100 or EGX300 gateway can execute arbitrary code or cause denial of service, disrupting the device's ability to relay real-time power and energy data between control systems and monitoring applications.

Who's at risk

Energy sector operators responsible for power distribution, monitoring, and automation systems that rely on PowerLogic EGX100 or EGX300 gateways for real-time communications between PLCs, RTUs, and SCADA control centers should be concerned. This includes electric utilities, municipal power authorities, and industrial plants with on-site power monitoring and control systems.

How it could be exploited

An attacker on the network can send a specially crafted request to the gateway device without authentication. The device fails to properly validate input (CWE-20), allowing the attacker to bypass authentication (CWE-287) and inject malicious code or commands that execute with device privileges. This could allow remote code execution or crash the gateway.

Prerequisites

Network access to the EGX100 or EGX300 device (directly or through compromise of the control network)
No valid credentials required
Device must be reachable on the network

Remotely exploitableNo authentication requiredLow complexityNo patch availableCritical severity (CVSS 9.8)Affects industrial communication infrastructure

Exploitability

Moderate exploit probability (EPSS 1.1%)

Affected products (3)

1 pending2 EOL

ProductAffected VersionsFix Status

EGX100 All VersionsAll versionsNo fix (EOL)

EGX100≥ 3.0.0No fix yet

EGX300 All VersionsAll versionsNo fix (EOL)

Remediation & Mitigation

0/7

Do now

0/3

EGX100

HARDENINGIsolate the EGX100/EGX300 behind a firewall and separate it from the business network

All products

HARDENINGRestrict network access to the gateway device to only authorized control system nodes and engineering workstations

HARDENINGNever connect engineering workstations or programming software to any network other than the intended control network

Schedule — requires maintenance window

0/4

Patching may require device reboot — plan for process interruption

HARDENINGImplement physical security controls: lock equipment cabinets and ensure no unauthorized personnel can access the gateway or connected networks

HARDENINGScan all removable media (USB drives, CDs) for malware before connecting to any node on the control network

HARDENINGPrevent mobile devices from connecting to the control network unless they have been isolated and sanitized after use on other networks

WORKAROUNDIf remote access to the gateway is required, use a secure VPN and keep VPN software updated to the latest version

CVEs (6)

CVE-2021-22763 CVE-2021-22764 CVE-2021-22765 CVE-2021-22766 CVE-2021-22767 CVE-2021-22768

View full Schneider Electric advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/c492628d-08d6-4673-bfbc-653e8fe383c0