Saitel DP RTU
Monitor · 6.5 · SEVD-2022-130-02 · May 10, 2022
Attack Vector: Adjacent
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary
Vulnerability in Triangle MicroWorks DNP3 Outstation Libraries used in Saitel DP RTU (Remote Terminal Unit), a modular platform for medium voltage and low voltage public distribution and transmission network management. A buffer overflow in the DNP3 communication stack can be triggered by malformed packets, resulting in denial of service—loss of remote access or device reboot.
What this means
What could happen
An attacker on the local network can crash the DNP3 communication on the Saitel DP RTU, causing loss of remote control and potentially forcing a device reboot, which could interrupt distribution network management operations.
Who's at risk
Energy sector operators managing medium and low voltage distribution and transmission networks using Saitel DP RTU devices should be concerned. This affects remote terminal units in electrical distribution infrastructure.
How it could be exploited
An attacker with network access to the Saitel DP RTU sends a malformed DNP3 packet that triggers a buffer overflow in the Triangle MicroWorks library, causing the DNP3 service to fail or the device to reboot.
Prerequisites
- Network access to the Saitel DP RTU (local network segment required)
- No credentials needed—DNP3 protocol does not require authentication by default
Remotely exploitable · No authentication required · Low complexity attack · Affects network management systems · Local network access required
Exploitability
Low exploit probability (EPSS 0.4%)
Affected products (1)
Product: Saitel DP BaseLine
Affected Versions: ≥ 11.06.23 | ≤ 09.00.00
Fix Status: 11.06.24
Remediation & Mitigation
Do now
WORKAROUND: Restrict network access to the Saitel DP RTU to authorized control network segments using firewall rules
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
HOTFIX: Upgrade Saitel DP RTU BaseLine to version 11.06.24 or later
Long-term hardening
HARDENING: Implement network segmentation to isolate the Saitel DP RTU from untrusted networks
CVEs (1)
API:
/api/v1/advisories/67df817f-a638-44d7-995d-b1af4c5c7a44