Schneider Electric PrismaSeT Active - Wireless Panel Server

Low Risk | SEVD-2025-133-04 | May 13, 2025
Schneider Electric | Energy
Summary

Schneider Electric PrismaSeT Active - Wireless Panel Server contains a vulnerability in the Silicon Labs Gecko Bootloader that could allow unauthorized code execution. The PrismaSeT Active is a cloud-connected low-voltage switchboard device used for electrical distribution and voltage monitoring. Successful exploitation could result in unavailability of the device for voltage loss monitoring and loss of switchboard control.

What this means
What could happen
An attacker who gains physical or wireless access to the PrismaSeT Active Wireless Panel Server could execute arbitrary code on the device, potentially causing loss of voltage monitoring capability and disrupting switchboard operations.
Who's at risk
Energy utilities and facilities managers operating Schneider Electric PrismaSeT Active Wireless Panel Servers for switchboard and voltage monitoring. This affects any low-voltage switchboard installation using this latest-generation cloud-connected device.
How it could be exploited
The vulnerability exists in the Silicon Labs Gecko Bootloader embedded in the device. An attacker with physical access or wireless connectivity to the device could exploit the bootloader to load malicious firmware, gaining code execution on the panel server.
Prerequisites
  • Physical access to the device or wireless connectivity within range
  • Ability to interact with or reprogram the bootloader
no patch available; bootloader vulnerability affects device firmware integrity; wireless connectivity increases attack surface
Affected products (1)
Product | Affected Versions | Fix Status
PrismaSeT Active - Wireless Panel Server | All versions | No fix (EOL)
Remediation & Mitigation
Do now
WORKAROUND: Disable wireless connectivity if not required for operations, or restrict wireless access to authorized devices only
WORKAROUND: Scan all removable media (USB drives, CDs) with antivirus before connecting to the control network
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HARDENING: Isolate the PrismaSeT Active Wireless Panel Server and control networks behind firewalls, separated from the business network
HARDENING: Place all PrismaSeT Active devices in locked cabinets and ensure they are never left in Program mode
HARDENING: Ensure the device is not accessible from the Internet; block inbound connections from untrusted networks