System Monitor Application in Harmony and Pro-face PS5000 Legacy Industrial PCs

Act Now9.8SEVD-2024-282-07Oct 8, 2024

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

A vulnerability in the System Monitor application of Schneider Electric Harmony Industrial PC Series and Pro-face PS5000 Legacy Industrial PC Series allows unauthenticated remote attackers to access sensitive information, modify system integrity, or cause denial of service. The flaw affects all versions of System Monitor in both product lines. No patch is available from the vendor. The recommended remediation is uninstallation of the System Monitor application. Customers should back up systems before making changes and test in non-production environments.

What this means

What could happen

An attacker could gain complete control of the Harmony or Pro-face Industrial PC, read sensitive data, modify system configuration, or shut down operations through this unauthenticated network vulnerability. There is no vendor patch available for these legacy systems.

Who's at risk

Energy and manufacturing facilities using Schneider Electric Harmony Industrial PC Series or Pro-face PS5000 Legacy Industrial PC Series as control or monitoring systems are at risk. Any organization relying on these industrial PCs for SCADA, process monitoring, or plant operations should review their inventory immediately.

How it could be exploited

An attacker on the network can send a crafted request to the System Monitor application on port 502 or the service port without authentication, exploiting a data exposure or integrity flaw to execute commands or extract sensitive configuration information from the industrial PC.

Prerequisites

Network access to the Harmony or Pro-face Industrial PC
System Monitor application installed and running
No firewall rules blocking access to System Monitor port
No authentication required

remotely exploitableno authentication requiredlow complexityno patch availablelegacy unsupported productcritical CVSS (9.8)

Exploitability

Low exploit probability (EPSS 0.2%)

Affected products (2)

1 pending1 EOL

ProductAffected VersionsFix Status

System Monitor application in Pro-face Industrial PC All VersionsAll versionsNo fix yet

System Monitor application in Harmony Industrial PC All VersionsAll versionsNo fix (EOL)

Remediation & Mitigation

0/4

Do now

0/3

WORKAROUNDUninstall System Monitor application from all Harmony Industrial PC systems using the uninstaller available from Schneider Electric website

WORKAROUNDUninstall System Monitor application from all Pro-face PS5000 Industrial PC systems using the uninstaller available from Pro-face website

HARDENINGImplement firewall rules to restrict network access to System Monitor application ports on any remaining industrial PCs

Mitigations - no patch available

0/1

System Monitor application in Harmony Industrial PC All Versions has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:

HARDENINGIsolate Harmony and Pro-face Industrial PCs from untrusted networks and limit direct internet connectivity

CVEs (1)

CVE-2024-8884

View full Schneider Electric advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/06626e6a-acee-46aa-934d-c973dcb4b809