Schneider Electric PrismaSeT Active - Wireless Panel Server
Low Risk | SEVD-2025-133-04 | May 13, 2025
Summary
Schneider Electric PrismaSeT Active - Wireless Panel Server contains a vulnerability in the Silicon Labs Gecko Bootloader. Exploitation could lead to unauthorized code execution, disrupting the device's ability to monitor voltage loss and report status. The device is a low-voltage switchboard with cloud connectivity used in electrical distribution systems. No patch is currently available from Schneider Electric.
What this means
What could happen
An attacker could execute unauthorized code on the wireless panel server, potentially disabling voltage loss monitoring and causing loss of visibility into power distribution system status.
Who's at risk
Energy utilities and electrical service providers operating low-voltage switchboards using Schneider Electric PrismaSeT Active - Wireless Panel Servers, particularly those relying on this equipment for voltage loss monitoring and cloud-connected distribution control.
How it could be exploited
The vulnerability exists in the Silicon Labs Gecko Bootloader component used by the PrismaSeT Active - Wireless Panel Server. An attacker with physical access to the device or network access to the bootloader interface could exploit this to execute arbitrary code.
Prerequisites
- Physical access to the device or network connectivity to bootloader services
- Device configured in a state allowing bootloader interaction
- Knowledge of Gecko Bootloader exploitation techniques
- No patch available
- Affects voltage monitoring capability
- Cloud-connected device
- Third-party bootloader vulnerability (Silicon Labs Gecko Bootloader)
Affected products (1)
| Product | Affected Versions | Fix Status |
| --- | --- | --- |
| PrismaSeT Active - Wireless Panel Server All versions | All versions | No fix (EOL) |
Remediation & Mitigation
Do now
- HARDENING: Isolate PrismaSeT Active - Wireless Panel Server networks from business networks behind firewalls
- HARDENING: Restrict physical access to wireless panel servers with locked cabinets and ensure they are never left in Program mode
- HARDENING: Prevent direct connection of programming software to the device from networks other than the intended control network
- HARDENING: Scan all mobile data exchange media (USB drives, CDs, etc.) before use on isolated networks
- HARDENING: Prohibit mobile devices that have connected to other networks from accessing control networks without proper sanitization
- HARDENING: Minimize network exposure and ensure wireless panel servers are not accessible from the Internet
Mitigations - no patch available
PrismaSeT Active - Wireless Panel Server All versions has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
- HARDENING: Use Virtual Private Networks (VPNs) when remote access is required; keep VPN software updated to the latest version