ICSA-20-315-03 · Published 2020-11-10
Schneider Electric PLC Simulator for EcoStruxure Control Expert
CVSS 7.5 (High)
Risk Summary
Successful exploitation of this vulnerability could cause a denial-of-service condition, which could result in a failure of the EcoStruxure Control Expert Simulator.
CVEs (1)
Remediations
- Schneider Electric has released Version 15.0 of the EcoStruxure Control Expert software to mitigate this vulnerability. It is available for download on the Schneider Electric website.
- In the option dialog box of the PLC simulator, set the listening IP Address to 127.0.0.1 (localhost), which will prevent remote network connections to the PLC simulator.
- The default listening IP address is 0.0.0.0. This default setting exposes the PLC simulator to the vulnerability described in this advisory.
- Schneider Electric recommends using appropriate patching methodologies when applying these patches. It also strongly recommends the use of back-ups and evaluating the impact of these patches in a test and development environment or on offline infrastructure. Contact Schneider Electric's Customer Care Center for assistance removing a patch.
- If users choose not to apply the remediation provided above, they should immediately apply the following mitigations to reduce the risk of exploit:
  - Set up network segmentation and implement a firewall to block all unauthorized access to Port 502/TCP.
  - Harden the engineering workstation running PLC Simulator for EcoStruxure Control Expert.
  - Follow workstation, network, and site-hardening guidelines in the Cybersecurity Best Practices guide.
- Please see Schneider Electric Security Notification number SEVD-2020-315-07 for more information.
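A quick way to verify the 127.0.0.1 remediation and the Port 502/TCP mitigation on the engineering workstation is to check which address the simulator's Modbus port is actually bound to. The script below is an added example, not part of the advisory or of Schneider Electric's tooling; it parses `netstat -ano` output in the Windows format (the sample below is constructed) and flags any 502/TCP listener bound to a non-loopback address such as the 0.0.0.0 default.

```python
"""Audit listener bindings for the PLC Simulator's Modbus port (502/TCP).

Parses `netstat -ano` output (Windows format) and reports every LISTENING
socket on port 502 bound to something other than loopback, which is the
exposed default configuration described in ICSA-20-315-03.
"""
import re
import subprocess

MODBUS_PORT = 502
LOOPBACK = {"127.0.0.1", "[::1]"}

# Constructed sample in `netstat -ano` format; not captured from a real host.
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:502            0.0.0.0:0              LISTENING       4312
  TCP    127.0.0.1:502          0.0.0.0:0              LISTENING       4312
  TCP    192.168.10.5:49712     192.168.10.20:502      ESTABLISHED     4312
"""

# Matches a TCP LISTENING row: local address, local port, owning PID.
# IPv6 locals look like "[::]:502"; the greedy \S+ still splits off the port.
LINE_RE = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+\S+\s+LISTENING\s+(\d+)\s*$")


def parse_listeners(netstat_output):
    """Return (address, port, pid) for every TCP LISTENING line."""
    rows = []
    for line in netstat_output.splitlines():
        m = LINE_RE.match(line)
        if m:
            rows.append((m.group(1), int(m.group(2)), int(m.group(3))))
    return rows


def exposed_modbus_listeners(netstat_output, port=MODBUS_PORT):
    """Return (address, pid) for listeners on `port` not bound to loopback."""
    return [(addr, pid) for addr, p, pid in parse_listeners(netstat_output)
            if p == port and addr not in LOOPBACK]


if __name__ == "__main__":
    # On the workstation itself, replace SAMPLE_NETSTAT with live output.
    live = subprocess.run(["netstat", "-ano"], capture_output=True, text=True).stdout
    for addr, pid in exposed_modbus_listeners(live or SAMPLE_NETSTAT):
        print(f"EXPOSED: port {MODBUS_PORT}/TCP bound to {addr} (PID {pid}); "
              "set the simulator listening address to 127.0.0.1")
```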
Affected Vendors
Schneider Electric Software, LLC
Affected Products (2)
- Schneider Electric Software, LLC · PLC Simulator for Unity Pro (former name of EcoStruxure Control Expert) · vers:all/*
- Schneider Electric Software, LLC · PLC Simulator for EcoStruxure Control Expert · vers:all/*
Affected Sectors
Commercial Facilities, Energy, Food and Agriculture, Government Facilities, Transportation Systems, Water and Wastewater Systems