SCADAPack Workbench
Monitor5.5SEVD-2022-087-01Mar 28, 2022
Attack VectorLocal
Auth RequiredNone
ComplexityLow
User InteractionRequired
Summary
SCADAPack Workbench versions 6.6.8a and earlier contain an XML external entity (XXE) vulnerability that allows local attackers to read files from the workstation and exfiltrate them to a remote system. This could expose sensitive configuration data or credentials used to manage SCADAPack 300E and 500E RTUs. The vulnerability requires local access to the machine and user interaction to trigger.
What this means
What could happen
An attacker with local access to a SCADAPack Workbench machine could read sensitive files and send them to a remote system, potentially exposing configuration data or credentials for RTU devices in your network.
Who's at risk
Energy sector utilities operating Schneider Electric SCADAPack 300E or 500E RTUs should care. This affects engineering staff who use SCADAPack Workbench on their workstations to program and configure these remote terminal units.
How it could be exploited
An attacker with local access to an engineering workstation running vulnerable SCADAPack Workbench can exploit an XML external entity (XXE) vulnerability to read files from the local file system and exfiltrate them to a remote server under their control.
Prerequisites
- Local access to the SCADAPack Workbench machine
- User interaction required (user must open a malicious file or interact with the application)
Requires local accessUser interaction requiredAffects engineering workstationsInformation disclosure risk
Exploitability
Low exploit probability (EPSS 0.2%)
Affected products (1)
ProductAffected VersionsFix Status
SCADAPack Workbench≤ 6.6.8a6.6.10
Remediation & Mitigation
0/1
Schedule — requires maintenance window
0/1Patching may require device reboot — plan for process interruption
HOTFIXUpdate SCADAPack Workbench to version 6.6.10 or later
CVEs (1)
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/a3bef89a-9f14-4623-85f0-75342ef8c176