EcoStruxure™ Foxboro DCS Control Core Services
Action: Plan Patch
Score: 7.8
Advisory: SEVD-2023-164-04
Date: Jun 13, 2023
Attack Vector: Local
Auth Required: Low
Complexity: Low
User Interaction: None needed
Summary
Multiple vulnerabilities in EcoStruxure™ Foxboro DCS Control Core Services can lead to denial of service, privilege escalation, and kernel code execution. The affected component manages fault-tolerant, highly available control functions critical to plant operation. The vulnerabilities include an out-of-bounds write (CWE-787) and improper validation of an array index (CWE-129). Patch HF98577958 is available; applying it requires a system reboot.
What this means
What could happen
An attacker with local access to a Foxboro DCS Control Core Services system could execute kernel code or escalate privileges, potentially stopping critical industrial processes or causing unauthorized control of plant equipment.
Who's at risk
Energy sector operators running EcoStruxure™ Foxboro DCS systems should prioritize this; the Control Core Services component is critical to process control on fault-tolerant and highly available control systems used in power generation, transmission, and distribution facilities.
How it could be exploited
An attacker with local system access (e.g., compromised engineering workstation or operator terminal) could exploit a buffer overflow (CWE-787) or index validation issue (CWE-129) in the Control Core Services to execute arbitrary code with kernel-level privileges or bypass access controls.
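As an added, generic illustration of the two weakness classes the advisory names, the snippet below contrasts an unchecked table write with one that validates the index (CWE-129) and bounds the copy length (CWE-787) before touching memory. This is not Foxboro or Schneider Electric code: the slot table, its sizes, the function names and the sample input are all constructed for this example and say nothing about the product's internals.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Constructed fixed-size table: SLOT_COUNT records of SLOT_SIZE bytes.
 * Hypothetical layout, chosen only to demonstrate the guards. */
#define SLOT_COUNT 8
#define SLOT_SIZE  16

typedef struct {
    uint8_t data[SLOT_COUNT][SLOT_SIZE];
} slot_table_t;

/* Weak form: index and length come from the caller and are used as-is.
 * A negative or oversized index (CWE-129) or a length above SLOT_SIZE
 * (CWE-787) writes outside the table. Kept for contrast only; never called. */
int slot_write_unchecked(slot_table_t *t, int idx, const uint8_t *src, size_t len) {
    memcpy(t->data[idx], src, len);
    return 0;
}

/* Distinct failure codes so callers can log which guard fired. */
enum { SLOT_OK = 0, SLOT_EBADIDX = -1, SLOT_EBADLEN = -2, SLOT_EARG = -3 };

/* Hardened form: reject the index before it is used (the signed comparison
 * catches negatives), bound the copy length, and fail closed. */
int slot_write_checked(slot_table_t *t, int idx, const uint8_t *src, size_t len) {
    if (t == NULL || src == NULL) return SLOT_EARG;
    if (idx < 0 || idx >= SLOT_COUNT) return SLOT_EBADIDX;   /* CWE-129 guard */
    if (len > SLOT_SIZE) return SLOT_EBADLEN;                /* CWE-787 guard */
    memcpy(t->data[idx], src, len);
    /* Zero the remainder so stale bytes from a previous record never leak. */
    memset(t->data[idx] + len, 0, SLOT_SIZE - len);
    return SLOT_OK;
}

/* Bounds-checked read of one byte; returns -1 on any bad coordinate. */
int slot_peek(const slot_table_t *t, int idx, size_t off) {
    if (t == NULL || idx < 0 || idx >= SLOT_COUNT || off >= SLOT_SIZE) return -1;
    return t->data[idx][off];
}

/* Exercise every guard on a scratch table. Returns the number of cases whose
 * result differs from what the guard must produce; 0 means all correct. */
int run_checks(void) {
    static slot_table_t table;
    static const uint8_t msg[] = "hello";        /* constructed input, 6 bytes with NUL */
    int failures = 0;
    memset(&table, 0, sizeof table);
    failures += slot_write_checked(&table, 3, msg, sizeof msg) != SLOT_OK;
    failures += slot_peek(&table, 3, 0) != 'h';
    failures += slot_peek(&table, 3, 5) != 0;    /* NUL terminator copied */
    failures += slot_peek(&table, 3, 6) != 0;    /* tail zeroed by the writer */
    failures += slot_write_checked(&table, -1, msg, sizeof msg) != SLOT_EBADIDX;
    failures += slot_write_checked(&table, SLOT_COUNT, msg, sizeof msg) != SLOT_EBADIDX;
    failures += slot_write_checked(&table, 0, msg, SLOT_SIZE + 1) != SLOT_EBADLEN;
    failures += slot_write_checked(NULL, 0, msg, 1) != SLOT_EARG;
    return failures;
}

int main(void) {
    printf("guard mismatches: %d\n", run_checks());
    return 0;
}
```

The point to take from the checked variant is the ordering: the index is validated against the table bounds before it is ever used to form an address, and the length is validated against the record size before the copy, so neither a caller-controlled index nor a caller-controlled length can reach `memcpy` unbounded.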
Prerequisites
- Local system access to a DCS workstation or control server running vulnerable Control Core Services
- Unprivileged or standard user-level permissions (PR:L in CVSS indicates low privilege required)
- No authentication bypass needed for local exploitation
- Privilege escalation possible
- Kernel code execution possible
- Affects safety-critical process control systems
- Local access required (reduces but does not eliminate risk in shared control environments)
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product: EcoStruxure™ Foxboro DCS Control Core Services
Affected Versions: < HF98577958 (versions without hotfix HF98577958)
Fix Status: Patch HF98577958
Remediation & Mitigation
Do now
HARDENING: Restrict local console and remote access to DCS workstations and Control Core Services systems to authorized personnel only; implement physical access controls and strong authentication.
Schedule — requires maintenance window
Patching may require a device reboot — plan for process interruption.
HOTFIX: Apply Patch HF98577958 to EcoStruxure™ Foxboro DCS Control Core Services.
Long-term hardening
HARDENING: Segregate DCS networks from standard IT networks using firewalls or an air-gapped architecture to limit lateral movement from compromised workstations.
CVEs (2)