ConneXium Network Manager (CNM) Software

Monitor7.8SEVD-2021-285-02Oct 12, 2021

Attack VectorLocal

Auth RequiredNone

ComplexityLow

User InteractionRequired

Summary

ConneXium Network Manager (CNM) is Ethernet network management software that allows users to configure multiple industrial Ethernet devices from a central workstation. A vulnerability exists in how CNM processes project configuration files (.cxn). If a user opens a malicious or specially crafted project file from an untrusted source, the CNM software fails to properly validate the database content, allowing arbitrary code execution on the CNM workstation. This could lead to unauthorized access to configuration settings for all connected Ethernet devices and compromise of the workstation itself.

What this means

What could happen

An attacker with access to a ConneXium Network Manager project file could execute arbitrary code on the management workstation by crafting a malicious configuration database. This could give the attacker control to reconfigure network-connected industrial devices or further compromise the plant network.

Who's at risk

Energy sector operators and industrial facilities that use Schneider Electric ConneXium Ethernet network devices managed via the ConneXium Network Manager software. This affects anyone responsible for configuring multiple network switches, routers, or industrial Ethernet devices through CNM.

How it could be exploited

An attacker obtains or creates a malicious ConneXium Network Manager project file (.cxn) with embedded payloads. The attacker tricks a user into loading this file into CNM on a workstation. When the file is opened, the malicious database content is processed without sufficient validation, allowing code execution on the CNM workstation with the privileges of the logged-in user.

Prerequisites

User access to open project files in ConneXium Network Manager
Ability to deliver a malicious .cxn project file to the CNM workstation (e.g., email, USB, shared drive, or download)
User interaction required: victim must open the malicious project file

Requires user interaction (malicious file must be opened)No patch available from vendorAffects management workstations which often have broad network accessLow complexity attack if attacker can deliver malicious project file

Exploitability

Low exploit probability (EPSS 0.9%)

Affected products (1)

ProductAffected VersionsFix Status

ConneXium Network Manager (Ethernet network management software) all versionsAll versionsNo fix (EOL)

Remediation & Mitigation

0/3

Do now

0/2

WORKAROUNDBefore loading any CNM project file from an untrusted source, run the CNM Alarms Disabler Tool to sanitize the database

HARDENINGEnable Edit Mode protection in ConneXium Network Manager by setting an Edit Password and switching to Run mode before exiting the application

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HARDENINGRestrict who can access CNM workstations and load project files; store trusted project files in access-controlled locations

CVEs (1)

CVE-2021-22801

View full Schneider Electric advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/73f00621-d6d4-4aa0-a28c-72cd3ec39631