OTPulse
FeedAboutContact

Easergy P5

Plan Patch8.8SEVD-2022-011-03Jan 11, 2022
Attack VectorAdjacent
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary

Schneider Electric has identified multiple vulnerabilities in the Easergy P5 medium voltage protection relay. These vulnerabilities stem from hardcoded credentials (CWE-798) and buffer overflow issues (CWE-120) that allow attackers with network access to disclose device credentials, cause denial of service and device reboot, or gain full control of the relay. Successful exploitation could result in loss of electrical protection to the grid. The vulnerabilities affect all Easergy P5 firmware versions prior to 01.401.101.

What this means
What could happen
An attacker with network access to an Easergy P5 relay could steal device credentials, cause it to reboot or stop responding, or gain complete control and disable electrical protection for your medium voltage network.
Who's at risk
Utilities and energy providers managing medium voltage electrical distribution networks. This affects Easergy P5 protection relays that provide fault detection and isolation for distribution lines. Any compromise could disable critical protections and cause unplanned outages or equipment damage.
How it could be exploited
An attacker on the same network segment as the Easergy P5 could exploit hardcoded or weak credentials (CWE-798) or a buffer overflow (CWE-120) to execute arbitrary commands on the relay. No authentication is required and the attack does not involve user interaction, allowing an attacker to compromise the device remotely from the network.
Prerequisites
  • Network access to the Easergy P5 device on the same network segment or adjacent subnet (AV:A per CVSS vector)
  • No credentials or authentication required
  • No special configuration needed
remotely exploitableno authentication requiredlow complexity attack (AV:A, AC:L)hardcoded or weak credentials (CWE-798)buffer overflow (CWE-120)affects safety/protection systems
Exploitability
Low exploit probability (EPSS 0.2%)
Affected products (1)
ProductAffected VersionsFix Status
Easergy P5 < 01.401.101< 01.401.10101.401.101
Remediation & Mitigation
0/2
Do now
0/1
HARDENINGIsolate Easergy P5 relays from direct network access using network segmentation or a firewall that restricts access to only authorized engineering and monitoring systems
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate Easergy P5 firmware to version 01.401.101 or 01.303.202 (depending on your current firmware version; contact Schneider Electric Customer Care Center for version selection guidance)
View full Schneider Electric advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/e98943a0-9749-4b23-92d8-168fdbbd5031
Easergy P5 | CVSS 8.8 - OTPulse