← Back to home
ICSA-19-003-01  ·  Published 2019-01-03  ·  View on CISA ICS-CERT ↗

Schneider Electric Pro-face GP-Pro EX

CVSS 9.0 CRITICAL

Risk Summary

Successful exploitation of this vulnerability could allow an attacker to modify code to launch an arbitrary executable upon launch of the program.

CVEs (1)

Remediations

  • Schneider Electric has produced Version 4.08.200 of the software. It can be downloaded from:
  • For more information, see Schneider Electric's security bulletin at:

Affected Vendors

Schneider Electric Software, LLC

Affected Products (1)

Schneider Electric Software, LLC · Pro-face GP-Pro EX <= 4.08

Affected Sectors

Energy

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more