OTPulse

Eurotherm GUIcon

CVSS 7.8 · SEVD-2021-313-07 · Nov 9, 2021
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary

Schneider Electric GUIcon versions 2.0 and earlier contain multiple memory corruption vulnerabilities (buffer overflow, use-after-free, buffer over-read) that allow arbitrary code execution, denial of service, or information disclosure on the host PC. GUIcon is a configuration tool for the discontinued penGUIn HMI range. Successful exploitation requires local or user-interaction-based access to the workstation running GUIcon. Schneider Electric has not released a patch and recommends decommissioning the software and migrating to supported alternatives.

What this means
What could happen
An attacker with access to the host PC running GUIcon could execute arbitrary code, crash the application, leak sensitive configuration data, or trick an operator into performing unintended actions on controlled systems.
Who's at risk
Energy utilities and manufacturing facilities that still use the legacy Schneider Electric penGUIn HMI range and its GUIcon configuration tool should be aware of this risk. If you have engineering workstations running GUIcon, they can be compromised through local access, which could allow an attacker to alter HMI configurations, view sensitive process parameters, or disrupt control system operations.
How it could be exploited
An attacker with local access to a PC running GUIcon (or who can trick a user into opening a malicious file) could exploit memory corruption vulnerabilities to run arbitrary code in the context of the GUIcon application, potentially compromising the engineering workstation and any systems it connects to.
Prerequisites
  • Local access to the host PC running GUIcon
  • User interaction required (social engineering, e.g. tricking an operator into opening a malicious file)
  • GUIcon Build 683.003 version 2.0 or earlier
Tags: no patch available · requires user interaction · affects engineering workstation · legacy/end-of-life product · memory safety vulnerabilities (buffer overflow, use-after-free)
Exploitability
Low exploit probability (EPSS 0.5%)
Affected products (1)
Product: GUIcon (Build 683.003) 2.0 and prior
Affected Versions: ≤ 2.0
Fix Status: No fix (EOL)
Remediation & Mitigation
Do now
  • HARDENING: Isolate all PCs running GUIcon from the corporate network and restrict them to an air-gapped engineering network only.
  • HARDENING: Restrict physical access to engineering workstations running GUIcon; store PCs in locked cabinets when not in use.
  • HARDENING: Disable autorun on USB drives and implement malware scanning of all removable media before use on the engineering network.
Mitigations - no patch available
GUIcon (Build 683.003) 2.0 and prior has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
  • HARDENING: Discontinue use of GUIcon software on engineering workstations; migrate configuration tasks to supported alternatives from Schneider Electric.
  • HARDENING: If remote configuration access is required, use a hardened jump server with VPN and multi-factor authentication; never connect GUIcon workstations directly to the Internet.