SpaceLogic AS-P and AS-B Automation Servers
Monitor6.4SEVD-2024-163-04Jun 11, 2024
Attack VectorLocal
Auth RequiredHigh
ComplexityHigh
User InteractionNone needed
Summary
Multiple vulnerabilities in Schneider Electric SpaceLogic AS-P and AS-B automation servers (version 5.0.3 and prior) allow a local administrative user to exploit a race condition (CWE-367) to extract SNMP credentials and escalate privileges. The SpaceLogic AS-P is a primary system controller handling control logic, trend logging, and alarm supervision with connectivity to field devices. The SpaceLogic AS-B is a compact all-in-one server for EcoStruxure Building Operation. Successful exploitation could lead to unauthorized modification of system configuration, control parameters, and device communications.
What this means
What could happen
An attacker with local access to a SpaceLogic automation server could read SNMP credentials and escalate their privileges to modify the building automation system configuration, including control logic, alarms, and field device parameters.
Who's at risk
Building automation operators and energy facility managers using Schneider Electric SpaceLogic AS-P (primary system controller for control logic and alarm supervision) or SpaceLogic AS-B (all-in-one building operation server) versions 5.0.3 or earlier should prioritize patching these systems, particularly in facilities where local access controls may be inadequate.
How it could be exploited
An attacker with local administrative access to the SpaceLogic AS-P or AS-B server could exploit a race condition (CWE-367) in the system's credential handling to extract SNMP credentials from system memory. With those credentials and elevated privileges, the attacker could reconfigure the automation system's control logic, trend logging, alarm settings, or communication parameters to field devices and I/O.
Prerequisites
- Local administrative access to the SpaceLogic AS-P or AS-B server
- Knowledge of the timing window to exploit the race condition
- Access to the system during the vulnerable operation
Race condition vulnerabilityRequires high privilege level (local administrator)Affects credential exposure and privilege escalationNo active exploitation reported
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (2)
2 with fix
ProductAffected VersionsFix Status
SpaceLogic AS-P V5.0.3 and prior≤ 5.0.36.0.1
SpaceLogic AS-B V5.0.3 and prior≤ 5.0.36.0.1
Remediation & Mitigation
0/2
Schedule — requires maintenance window
0/2Patching may require device reboot — plan for process interruption
HOTFIXApply firmware update to SpaceLogic AS-P and AS-B version 6.0.1 or later
HOTFIXIf version 6.0.1 upgrade is not immediately feasible, apply available hotfix patches for versions 5.0.3 or 4.0.5 from the Schneider Electric community portal
CVEs (2)
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/050cef46-5c56-45c1-ad2d-3c0919092711