EcoStruxure™ Machine SCADA Expert / BLUE Open Studio
Plan Patch | 7.3 | SEVD-2024-226-02 | Aug 13, 2024
Attack Vector: Local
Auth Required: Low
Complexity: Low
User Interaction: Required
Summary
A vulnerability in an AVEVA component used by EcoStruxure™ Machine SCADA Expert and BLUE Open Studio allows privilege escalation and arbitrary code execution on affected versions. The vulnerability stems from unsafe code loading (CWE-427). Exploitation requires local access to the development workstation and user interaction to open a malicious project file. Successful exploitation could result in information disclosure, integrity loss, or denial of service in SCADA/HMI applications running in production systems. Versions prior to 2020 SP3 HF1 are vulnerable.
What this means
What could happen
An attacker with local access to the development workstation could exploit this vulnerability to execute arbitrary code or escalate privileges, potentially compromising the integrity of SCADA/HMI projects and gaining control over supervisory logic that runs on production systems.
Who's at risk
Energy and manufacturing operators who use Schneider Electric EcoStruxure™ Machine SCADA Expert or Pro-face BLUE Open Studio for HMI, SCADA, OEE, and dashboard development on Harmony Industrial PC or GTU Open Box systems should prioritize patching. This affects the development/engineering environment and could compromise the integrity of supervisory control logic running in production.
How it could be exploited
An attacker with local access to a machine running EcoStruxure™ Machine SCADA Expert or BLUE Open Studio could exploit an unsafe code loading mechanism to execute arbitrary code with elevated privileges. This would require user interaction (opening a malicious project or file) to trigger the vulnerability.
Prerequisites
- Local access to the development workstation
- User must open or interact with a malicious SCADA project or file
- Affected software version prior to 2020 SP3 HF1
- Local access required (limits attack scope but affects high-value engineering workstations)
- Unsafe code loading mechanism (CWE-427)
- Could lead to privilege escalation and arbitrary code execution
- Affects SCADA development tools: compromise could alter control logic in production systems
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (2)
2 with fix
Product | Affected Versions | Fix Status
EcoStruxure™ Machine SCADA Expert | <2020 SP3 HF1 | 2020 SP3 HF1
BLUE Open Studio | <2020 SP3 HF1 | 2020 SP3 HF1
Remediation & Mitigation
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
EcoStruxure™ Machine SCADA Expert
HOTFIX: Update EcoStruxure™ Machine SCADA Expert to version 2023 or later, or apply hotfix 2020 SP3 HF1. For 2020 versions, contact Schneider Electric Customer Care Center.
BLUE Open Studio
HOTFIX: Update BLUE Open Studio to version 2023 or later, or apply hotfix 2020 SP3 HF1. For 2020 versions, contact Pro-face Customer Care Center.
Long-term hardening
HARDENING: Restrict local access to development workstations running these tools to authorized engineering staff only and enforce strong access controls.
HARDENING: Apply principle of least privilege to development workstation accounts; do not run the SCADA development tools under administrative credentials unless necessary.
CVEs (1)