OTPulse

EcoStruxure™ Foxboro DCS

Monitor · 6.5 · SEVD-2025-343-01 · Dec 9, 2025
Attack Vector: Local
Auth Required: Low
Complexity: Low
User Interaction: None needed
Summary

A side-channel vulnerability exists in EcoStruxure™ Foxboro DCS (formerly Foxboro Evo Process Automation System and I/A Series) that could allow an authenticated local user to disclose sensitive system information. The vulnerability affects Virtualization Server V91, Standard Workstation H92, and Server H90. Exploitation could lead to loss of system functionality or unauthorized access to control functions. Schneider Electric recommends upgrading to the latest hardware versions: Foxboro servers to V95/H94, workstations to H94/Dell D96.

What this means
What could happen
An authenticated local user could exploit a side-channel vulnerability to disclose sensitive information from the DCS, potentially enabling unauthorized access to critical control functions or disruption of continuous plant operation.
Who's at risk
Power generation and distribution facilities, refineries, and other critical infrastructure operators using Schneider Electric EcoStruxure™ Foxboro DCS systems (V91/H92/H90 versions). This impacts DCS servers, workstations, and virtualization hosts that control or monitor essential process automation.
How it could be exploited
An attacker with valid credentials on the DCS server, workstation, or virtualization host could execute a side-channel attack (Intel-related vulnerability) to extract sensitive data from system memory. This requires physical or network access to the system and valid authentication credentials to log in locally.
Prerequisites
  • Valid user credentials for the Foxboro DCS server, workstation, or virtualization host
  • Local or direct network access to the affected system
  • Ability to execute commands or applications on the authenticated system
Affects critical DCS infrastructure · Requires valid credentials · Side-channel vulnerability (Intel processor related) · Low EPSS score indicates low immediate threat · Local access required
Exploitability
Low exploit probability (EPSS 0.5%)
Affected products (3)
3 with fix
Product | Affected Versions | Fix Status
EcoStruxure™ Foxboro DCS Virtualization Server V91 | All versions | EcoStruxure™ Foxboro DCS Virtualization Server
EcoStruxure™ Foxboro DCS Standard Workstation H92 | All versions | EcoStruxure™ Foxboro DCS Standard Workstation
EcoStruxure™ Foxboro DCS Server H90 | All versions | EcoStruxure™ Foxboro DCS Server
Remediation & Mitigation
Do now
  • HARDENING: Restrict physical and network access to DCS servers and workstations to authorized personnel only
  • HARDENING: Enforce strong authentication policies and regularly audit user access rights on DCS systems
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

  • HOTFIX: Upgrade EcoStruxure™ Foxboro DCS Virtualization Server to V95 or contact Schneider Electric for migration guidance
  • HOTFIX: Upgrade EcoStruxure™ Foxboro DCS Standard Workstation to H94 or Dell D96 or contact Schneider Electric for migration guidance
  • HOTFIX: Upgrade EcoStruxure™ Foxboro DCS Server to H94 or contact Schneider Electric for migration guidance