Easergy T200 Multiple Vulnerabilities

Act Now9.8SEVD-2024-072-01Mar 12, 2024

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

Schneider Electric Easergy T200 RTU contains multiple vulnerabilities including weak password mechanisms (CWE-307), cross-site scripting (CWE-79), and insecure file permissions (CWE-552). The product is a modular platform for medium and low voltage distribution network management using Modbus, IEC104, or DNP3 protocols. Vulnerabilities could allow brute force attacks leading to unauthorized data access and device compromise.

What this means

What could happen

An attacker could brute-force credentials to gain unauthorized access to the Easergy T200 RTU, potentially reading sensitive configuration data, modifying operational parameters, or disrupting distribution network management functions.

Who's at risk

Electric utilities and municipal power authorities operating medium voltage (MV) and low voltage (LV) distribution networks with Easergy T200 RTUs should be concerned, particularly those using Modbus, IEC104, or DNP3 variants for SCADA control and telemetry. Device is typically deployed at substations and distribution points as a gateway to legacy protection and control systems.

How it could be exploited

An attacker with network access to the Easergy T200 management interface could perform brute-force attacks against weak password mechanisms (CWE-307) due to lack of rate limiting or account lockout. Once authenticated, the attacker could exploit cross-site scripting or file permission vulnerabilities to inject malicious code or access restricted files on the device.

Prerequisites

Network access to the Easergy T200 management interface (typically port 80/443 HTTP/HTTPS or protocol-specific ports)
No special credentials required for initial brute-force attack; valid credentials required only after successful attack

remotely exploitableno authentication required for brute-force attacklow complexity attackno patch available publiclyaffects critical infrastructure (distribution network management)end-of-life product (unsupported since 2021)

Exploitability

Low exploit probability (EPSS 0.3%)

Affected products (3)

3 EOL

ProductAffected VersionsFix Status

Easergy T200 (Modbus)≤ SC2-04MOD-07000105No fix (EOL)

Easergy T200 (IEC104)≤ SC2-04IEC-07000104No fix (EOL)

Easergy T200 (DNP3)≤ SC2-04DNP-07000104No fix (EOL)

Remediation & Mitigation

0/3

Do now

0/1

WORKAROUNDImplement network access controls to restrict management interface access to authorized engineering workstations and control center systems only

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXContact Schneider Electric Customer Care Center to obtain available fix for Easergy T200 vulnerabilities

Mitigations - no patch available

0/1

The following products have reached End of Life with no planned fix: Easergy T200 (Modbus), Easergy T200 (IEC104), Easergy T200 (DNP3). Apply the following compensating controls:

HARDENINGEvaluate upgrade to PowerLogic T300 product line as long-term replacement for end-of-life Easergy T200

CVEs (3)

CVE-2024-2051 CVE-2024-2050 CVE-2024-2052

View full Schneider Electric advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/2b6f29d9-45b5-4b4e-b9b0-ba6a4d08f01f