OTPulse

EcoStruxure™ Control Expert, EcoStruxure™ Process Expert, SCADAPack RemoteConnect™ for x70

Monitor · 5.3 · SEVD-2022-067-01 · Mar 8, 2022
Attack Vector: Network
Auth Required: None
Complexity: High
User Interaction: Required
Summary

Schneider Electric has identified buffer overflow and improper exception handling vulnerabilities (CWE-119, CWE-754) in EcoStruxure™ Control Expert, EcoStruxure™ Process Expert, and SCADAPack RemoteConnect™ for x70 software. These products are used for engineering, programming, and operating Modicon PLCs and SCADAPack RTUs across energy, water, and oil and gas facilities. Exploitation via port 502/TCP (Modbus protocol) can cause denial of service, disrupting communication between controllers and engineering stations. The vulnerabilities affect EcoStruxure™ Control Expert versions up to 15.0 SP1, EcoStruxure™ Process Expert versions before 2021, and SCADAPack RemoteConnect™ for x70 versions before R2.7.3.

What this means
What could happen
An attacker could cause a denial of service that disrupts communication between Modicon controllers and engineering workstations, potentially affecting operational visibility and the ability to make real-time adjustments to running processes.
Who's at risk
Water utilities, electric utilities, oil and gas operators, and process industries (mining, cement, power generation, chemical) that use Schneider Electric's EcoStruxure™ Control Expert or Process Expert software for engineering and operating Modicon M340, M580, Premium, Momentum, and Quantum PLCs, or that deploy SCADAPack RemoteConnect™ for x70 RTU programming and configuration.
How it could be exploited
An attacker with network access to port 502/TCP (Modbus protocol) could send specially crafted requests to trigger a buffer overflow or exception handling flaw in the engineering software, causing it to crash or become unresponsive. This requires the attacker to reach the device from the network and does not require authentication or user interaction.
Prerequisites
  • Network access to port 502/TCP
  • No credentials required
  • No user interaction required
remotely exploitable · no authentication required · affects engineering communications · affects process automation systems · low EPSS score but real-world impact
Exploitability
Low exploit probability (EPSS 0.3%)
Affected products (3)
3 with fix
Product | Affected Versions | Fix Status
EcoStruxure™ Control Expert <=V15.0 SP1 | ≤ V15.0 SP1 | V15.1
SCADAPack RemoteConnect™ for x70 <R2.7.3 | <R2.7.3 | R2.7.3
EcoStruxure™ Process Expert <V2021 | <V2021 | 2021
Remediation & Mitigation
Do now
WORKAROUND: Set up network segmentation and implement firewall rules to block all unauthorized access to port 502/TCP
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Upgrade EcoStruxure™ Control Expert to version 15.1 or later
HOTFIX: Upgrade SCADAPack RemoteConnect™ for x70 to version R2.7.3 or later
HOTFIX: Upgrade EcoStruxure™ Process Expert to version 2021 or later
Long-term hardening
HARDENING: Consider migrating from Unity Pro to EcoStruxure™ Control Expert if not already done
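
One way to check that the 502/TCP workaround above is actually enforced, as an added example that is not part of the advisory or any Schneider Electric tooling: the script audits firewall flow records for Modbus/TCP traffic outside an allowlist. The log format, addresses and allowlist are assumptions constructed for illustration.

```python
import ipaddress

MODBUS_PORT = 502  # port named in the advisory

# Assumed allowlist: (source network, destination network) pairs that are
# permitted to talk Modbus/TCP, e.g. engineering stations -> controller VLAN.
AUTHORIZED = [
    (ipaddress.ip_network("10.10.1.0/28"), ipaddress.ip_network("10.20.0.0/24")),
]

# Constructed flow records: time, src, dst, proto, dport, firewall action
SAMPLE_FLOWS = """\
2022-03-08T10:00:01Z 10.10.1.5 10.20.0.11 tcp 502 ACCEPT
2022-03-08T10:00:07Z 10.30.4.9 10.20.0.11 tcp 502 ACCEPT
2022-03-08T10:00:09Z 10.30.4.9 10.20.0.12 tcp 502 DROP
2022-03-08T10:00:12Z 10.10.1.5 10.20.0.11 tcp 443 ACCEPT
2022-03-08T10:00:15Z 10.10.1.7 10.99.0.3 tcp 502 ACCEPT
truncated line
"""

def is_authorized(src, dst):
    """True if the (src, dst) pair falls inside an allowlisted network pair."""
    return any(src in s and dst in d for s, d in AUTHORIZED)

def audit(flow_text):
    """Return (violations, blocked, unparsed) for 502/TCP flows.

    violations: unauthorized flows the firewall let through (rule gap)
    blocked:    unauthorized flows the firewall dropped (rule working)
    unparsed:   lines that could not be parsed and need manual review
    """
    violations, blocked, unparsed = [], [], []
    for line in flow_text.splitlines():
        try:
            _, src, dst, proto, dport, action = line.split()
            src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
            dport = int(dport)
        except ValueError:  # wrong field count, bad address or bad port
            unparsed.append(line)
            continue
        if proto.lower() != "tcp" or dport != MODBUS_PORT or is_authorized(src, dst):
            continue
        target = violations if action.upper() == "ACCEPT" else blocked
        target.append((str(src), str(dst)))
    return violations, blocked, unparsed

if __name__ == "__main__":
    for name, rows in zip(("VIOLATION", "BLOCKED", "UNPARSED"), audit(SAMPLE_FLOWS)):
        for row in rows:
            print(name, row)
```

A non-empty violations list means a firewall rule still permits 502/TCP from a host outside the allowlist; unparsed lines are reported rather than silently skipped so gaps in the log do not hide traffic.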