ICSA-24-284-14 · Published 2024-10-10 · View on CISA ICS-CERT ↗

Schneider Electric Zelio Soft 2

CVSS 7.8 HIGH

Risk Summary

Successful exploitation of these vulnerabilities could allow an attacker to achieve arbitrary code execution, cause a denial-of-service condition, or loss of confidentiality and integrity.

CVEs (2)

CVE-2024-8422 CVE-2024-8518

Remediations

Schneider Electric recommends that customers update to Version 5.4.2.2. It can be updated through the Schneider Electric Software Update (SESU) application and is also available for download here.

Affected Vendors

Schneider Electric

Affected Products (1)

Schneider Electric · Zelio Soft 2 <5.4.2.2

Affected Sectors

Energy, Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more