NetBotz 4 - 355/450/455/550/570

CVSS: 8.8
Advisory ID: SEVD-2022-312-01
Date: Nov 8, 2022
Vendor: Schneider Electric
Sector: Energy
Attack path
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: Required
Summary

Multiple vulnerabilities exist in NetBotz 4 environmental monitoring devices (models 355/450/455/550/570). These vulnerabilities include cross-site scripting (XSS), weak authentication mechanisms, and improper access control. The devices monitor temperature, humidity, leak detection, smoke, vibration, door contacts, and video in data centers and equipment rooms. Exploitation could allow unauthorized access and device manipulation. Schneider Electric has released firmware version 4.7.2 for models 355/450/455/550, but no fix is available for the 570 model.

What this means
What could happen
An attacker could manipulate NetBotz 4 environmental monitoring devices or gain unauthorized access, potentially disabling alerts for temperature, humidity, or leak detection in data centers and electrical rooms, preventing early detection of equipment failures.
Who's at risk
Environmental monitoring equipment operators, particularly in data centers, electrical substations, and critical infrastructure facilities. This affects Schneider Electric NetBotz 4 models 355, 450, 455, 550, and 570 environmental monitors used to detect temperature anomalies, humidity, water leaks, smoke, and vibration in equipment rooms.
How it could be exploited
An attacker on the network could exploit cross-site scripting (CWE-79) or weak authentication (CWE-307) vulnerabilities to gain administrative access to the NetBotz device without valid credentials. Once authenticated, the attacker could modify device settings, disable monitoring alerts, or extract sensitive environmental data.
Prerequisites
  • Network access to the NetBotz 4 device web interface (typically port 80/443)
  • User interaction via a phishing link or social engineering to trigger XSS (for some attack vectors)
Tags: remotely exploitable; low complexity; affects monitoring/alerting systems; no fix available for 570 model; user interaction required for some attack vectors
Exploitability
Unlikely to be exploited — EPSS score 0.7%
Affected products (5): 4 with fix, 1 EOL

Product          | Affected Versions | Fix Status
NetBotz 4 - 355  | ≤ 4.7.0           | 4.7.2
NetBotz 4 - 450  | ≤ 4.7.0           | 4.7.2
NetBotz 4 - 455  | ≤ 4.7.0           | 4.7.2
NetBotz 4 - 550  | ≤ 4.7.0           | 4.7.2
NetBotz 4 - 570  | ≤ 4.7.0           | No fix (EOL)
Remediation & Mitigation
Do now
Workaround: Implement firewall rules to restrict web access to the NetBotz device to trusted management IP addresses and networks
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

NetBotz 4 - 355
Hotfix: Upgrade NetBotz 4 - 355/450/455/550 to firmware version 4.7.2 or later
All products
Hotfix: After upgrading to 4.7.2, verify the upgrade was successful by confirming the device is running the correct firmware version
Mitigations - no patch available
NetBotz 4 - 570 has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
Hardening: For NetBotz 4 - 570 (no patch available), implement network segmentation to restrict access to the device to authorized management networks only
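One way to apply the affected-products table and the remediation steps above to a device inventory, as an added example that is not OTPulse's or Schneider Electric's code; the device names, models and firmware strings in the sample inventory are constructed, and the version check assumes dotted numeric firmware strings like 4.7.0:

```python
"""Triage a NetBotz 4 inventory against SEVD-2022-312-01 (added example,
not OTPulse or Schneider Electric code). Encodes the advisory's table: models
355/450/455/550 are fixed in firmware 4.7.2, model 570 is end of life.
SAMPLE_INVENTORY names, models and firmware strings are constructed data.
"""
from typing import Dict, Iterable, NamedTuple, Tuple

FIXED_VERSION = (4, 7, 2)                        # fixed release per advisory
PATCHABLE_MODELS = {"355", "450", "455", "550"}  # 4.7.2 is available
EOL_MODELS = {"570"}                             # vendor will not patch


class Device(NamedTuple):
    name: str
    model: str
    firmware: str


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '4.7.0' into (4, 7, 0) so '4.10.0' sorts above '4.7.2'."""
    return tuple(int(part) for part in text.strip().split("."))


def triage(device: Device) -> str:
    """Return the action the advisory calls for on one device."""
    if device.model in EOL_MODELS:
        # No fix will ever ship: segment and firewall the device instead.
        return "eol-compensating-controls"
    if device.model not in PATCHABLE_MODELS:
        return "not-in-advisory"
    if parse_version(device.firmware) >= FIXED_VERSION:
        return "ok"  # already on 4.7.2 or later; nothing further needed
    return "upgrade-to-4.7.2"


def triage_inventory(devices: Iterable[Device]) -> Dict[str, str]:
    """Map device name -> required action for a whole inventory."""
    return {d.name: triage(d) for d in devices}


SAMPLE_INVENTORY = [  # constructed sample data, not real hosts
    Device("dc1-row3-env", "455", "4.7.0"),
    Device("dc1-row4-env", "550", "4.7.2"),
    Device("sub7-env", "570", "4.6.1"),
    Device("lab-env", "other", "1.0.0"),
]

if __name__ == "__main__":
    for name, action in triage_inventory(SAMPLE_INVENTORY).items():
        print(f"{name}: {action}")
```

The numeric comparison matters for the post-upgrade verification step: a string compare would rank a future 4.10.x below 4.7.2 and falsely flag a patched device.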

NetBotz 4 - 355/450/455/550/570 | CVSS 8.8 - OTPulse