Schneider Electric StruxureWare Building Expert Plaintext Credentials Vulnerability

CVEs (1)

Remediations

• Schneider Electric encourages all customers to upgrade their MPMs to the newly released Version 2.15 or higher to mitigate the risks associated with this vulnerability. It is important to plan the upgrade procedures before execution to avoid unnecessary downtime and re-engineering. If unsure about the risks associated with upgrading MPMs to the new firmware, please contact your account manager or technical support.
• For more information on this vulnerability and detailed instructions, please see Schneider Electric’s security notification number SEVD-2015-254-01 at the following location: (www.schneider-electric.com/ww/en/download/document/SEVD-2015-254-01)
• Please see the MPM installation guide for more details about how to obtain and install firmware Version 2.15. It can be found at the following location (login required): (https://buildingsdownloads.schneider-electric.com/documents/10807/250220/MPM+Series+-+Installation+Sheet/6b83cb2c-6d93-4e41-9902-2d8e13936727)

Affected Vendors

Affected Products (1)