Schneider Electric C-Bus Home Automation Products
Act Now9.8SEVD-2022-165-06Jun 14, 2022
Attack VectorNetwork
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary
Schneider Electric C-Bus Home Automation products contain multiple authentication and credential management vulnerabilities (CWE-521, CWE-287) affecting Network Automation Controllers and Wiser for C-Bus Automation Controllers at version 1.10.0 and below. These are fully integrated systems that control and automate lighting and electrical systems. Exploitation could allow unauthorized access and control of the device, potentially altering automated electrical operations.
What this means
What could happen
An attacker with network access could authenticate without valid credentials and take control of lighting and electrical automation systems in buildings, potentially disrupting facility operations or creating safety hazards.
Who's at risk
Facility and building automation engineers and operators responsible for lighting control and electrical system automation using Schneider Electric, Clipsal, or SpaceLogic C-Bus controllers. This affects any commercial or industrial facility running these home/building automation systems for lighting, HVAC integration, or general electrical device control.
How it could be exploited
An attacker on the network can attempt to access the C-Bus controller's web interface or configuration portal. Due to weak authentication mechanisms (CWE-287 credential management weakness), the attacker can bypass login controls without knowing valid credentials or by exploiting credential storage/transmission flaws (CWE-521). Once authenticated, the attacker gains full control to modify automation rules, lighting setpoints, and electrical system commands.
Prerequisites
- Network connectivity to the C-Bus controller management interface (typically port 80/443 HTTP/HTTPS or proprietary C-Bus ports)
- No valid credentials required due to authentication weakness
Remotely exploitableNo authentication requiredLow complexity attackAffects automated safety-critical systems (lighting/electrical control)Critical CVSS score (9.8)
Exploitability
Low exploit probability (EPSS 0.5%)
Affected products (6)
4 with fix2 EOL
ProductAffected VersionsFix Status
Clipsal C-Bus Network Automation Controller <=V1.10.0≤ V1.10.0V1.11.0
Schneider Electric C-Bus Network Automation Controller <=V1.10.0≤ V1.10.0V1.11.0
Schneider Electric Wiser for C-Bus Automation Controller <=V1.10.0≤ V1.10.0V1.11.0
SpaceLogic C-Bus Network Automation Controller <=V1.10.0≤ V1.10.0V1.11.0
SpaceLogic C-Bus Application Controller <=V1.10.0≤ V1.10.0No fix (EOL)
Clipsal Wiser for C-Bus Automation Controller <=V1.10.0≤ V1.10.0No fix (EOL)
Remediation & Mitigation
0/7
Do now
0/1WORKAROUNDRestrict network access to C-Bus controller management interfaces using firewall rules; allow only trusted engineering and administrative workstations
Schedule — requires maintenance window
0/5Patching may require device reboot — plan for process interruption
HOTFIXUpgrade Clipsal C-Bus Network Automation Controller to firmware version 1.11.0 or later
HOTFIXUpgrade Schneider Electric C-Bus Network Automation Controller to firmware version 1.11.0 or later
HOTFIXUpgrade Schneider Electric Wiser for C-Bus Automation Controller to firmware version 1.11.0 or later
HOTFIXUpgrade SpaceLogic C-Bus Network Automation Controller to firmware version 1.11.0 or later
HOTFIXUpgrade Clipsal Wiser for C-Bus Automation Controller to firmware version 1.11.0 or later
Mitigations - no patch available
0/1The following products have reached End of Life with no planned fix: SpaceLogic C-Bus Application Controller <=V1.10.0, Clipsal Wiser for C-Bus Automation Controller <=V1.10.0. Apply the following compensating controls:
HARDENINGSegment C-Bus automation controllers from general IT networks; place on isolated facility network with access controls
CVEs (2)
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/4690b454-f933-4aa8-b886-09bbd047d0ed