Geo SCADA Mobile
Monitor | 4.8 | SEVD-2022-165-02 | Jun 14, 2022
Attack Vector: Local
Auth Required: Low
Complexity: Low
User Interaction: Required
Summary
Schneider Electric Geo SCADA Mobile contains a vulnerability in its Android mobile application that allows a local attacker to manipulate user interactions, potentially causing operators to issue unintended actions to the Geo SCADA Expert system. This could result in incorrect data being displayed, incorrect alarm acknowledgements, or execution of wrong plant control commands if control permissions are enabled on the app. The vulnerability affects versions 222 and earlier.
What this means
What could happen
An attacker with local access to a mobile device running Geo SCADA Mobile could trick an operator into performing unintended actions or acknowledging false alarms, potentially leading to incorrect plant control commands if control permissions are enabled in the app.
Who's at risk
Energy sector operators and plant technicians who use Schneider Electric's Geo SCADA Mobile app on Android devices to monitor and control SCADA systems remotely. This includes utility engineers accessing data or issuing plant control commands via the app.
How it could be exploited
An attacker with physical access to an unlocked mobile device running Geo SCADA Mobile could manipulate the user interface or session state to cause the operator to submit unintended requests to the Geo SCADA Expert system, for example acknowledging alarms that should remain active or issuing control commands with setpoints other than those the operator intended.
Prerequisites
- Physical or local network access to the mobile device running Geo SCADA Mobile
- Device must be unlocked or session must be active
- User interaction required (attacker must trick operator into confirming an action)
- Geo SCADA Mobile Server must be configured and reachable
Local access required | User interaction required | Low exploit complexity | Affects remote access to control systems
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product          | Affected Versions | Fix Status
Geo SCADA Mobile | ≤ 222             | 202205171
Remediation & Mitigation
- Schedule: requires a maintenance window
- Patching may require a device reboot; plan for process interruption
- HOTFIX: update Geo SCADA Mobile to build 202205171 or later from the Google Play Store
CVEs (1)