Easergy P40

Monitor7.1SEVD-2022-039-03Feb 8, 2022

Attack VectorAdjacent

Auth RequiredNone

ComplexityHigh

User InteractionRequired

Summary

Schneider Electric has identified multiple vulnerabilities in the Easergy P40 protection relay series (all firmware versions with Ethernet connectivity). The vulnerabilities allow an attacker to disclose device credentials, disrupt communications, or gain full control of the relay, resulting in loss of electrical protection to the network. No firmware patch is available for this product line.

What this means

What could happen

An attacker with network access to an Easergy P40 relay could steal credentials, disrupt communications, or gain full control of the device, potentially disabling electrical protection and causing loss of power supply or equipment damage.

Who's at risk

This affects electrical utilities and industries that rely on Easergy P40 protection relays for medium-voltage (MV), high-voltage (HV), and extra-high-voltage (EHV) circuit protection. Any organization using these relays with Ethernet connectivity is at risk of losing electrical protection and control. This includes municipal electric utilities, substations, industrial power systems, and generation facilities.

How it could be exploited

An attacker on the same network segment (or with routing access) as the Easergy P40 can exploit credential storage or authentication weaknesses to access the device without valid credentials. Once authenticated, the attacker can modify relay settings, disable protections, or cause loss of communications that isolates the relay from the network.

Prerequisites

Network access to the Easergy P40 device (same subnet or routed path)
Device must have Ethernet option enabled (model variants with Q, R, or S suffix)
No valid credentials required for exploitation

No patch availableRemotely exploitableLow complexityDefault or hardcoded credentials involvedAffects electrical protection systems (safety-critical)

Exploitability

Low exploit probability (EPSS 0.4%)

Affected products (1)

ProductAffected VersionsFix Status

Easergy P40 Series model numbers with Ethernet option bit as Q, R, S All PX4X firmware versionsAll PX4X firmware versionsNo fix yet

Remediation & Mitigation

0/7

Do now

0/3

HARDENINGSegment the Easergy P40 relay and all protection relay networks behind a firewall, isolated from the business network and the Internet.

HARDENINGRestrict network access to the Easergy P40 using firewall rules, ensuring only authorized engineering and monitoring systems can reach the device.

HARDENINGImplement physical access controls: lock relay cabinets and keep devices out of 'Program' mode when not in use.

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

WORKAROUNDIf remote access is required, use a VPN with the latest security patches and keep it updated.

Long-term hardening

0/3

HARDENINGNever connect programming software or workstations to multiple networks; dedicate engineering devices to the control system network only.

HARDENINGScan all removable media (USB drives, CDs) for malware before connecting to the relay network.

HARDENINGAvoid connecting mobile devices or portable equipment to the protection relay network unless they are dedicated and have not accessed other networks.

CVEs (1)

CVE-2022-22813

View full Schneider Electric advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/487c0d32-9e24-4125-b529-69bfda9fc76d