Schneider Electric PowerLogic PM5300 Series

CVEs (1)

Remediations

• Version 2.4.0 of PowerLogic PM5320 includes a fix for this vulnerability and is available for download here: https://www.se.com/ww/en/product/METSEPM5340/power-meter-powerlogicpm5340-ethernet-up-to-31st-harmonic-256kb-2di-2do-35-alarms
• Version 2.4.0 of PowerLogic PM5340 includes a fix for this vulnerability and is available for download here: https://www.se.com/ww/en/product/METSEPM5340/power-meter-powerlogicpm5340-ethernet-up-to-31st-harmonic-256kb-2di-2do-35-alarms
• Version 2.7.0 of PowerLogic PM5341 includes a fix for this vulnerability and is available for download here: https://www.se.com/ww/en/product/METSEPM5341/pm5341-meter-ethernet-up-to31st-h-256k-2di-2do-35-alarms-mid/
• If customers choose not to apply the remediation provided above, they should immediately apply the following steps to reduce the risk of exploit: 1. Enable IGMP Snooping: o Ensure that IGMP Snooping is enabled on the switch. This feature allows the switch to intelligently forward multicast traffic only to the necessary ports where interested hosts reside. It prevents unnecessary flooding of multicast traffic across all ports, thereby enhancing network efficiency and minimizing unnecessary load on network resources. 2. Configure VLAN Interface Settings: o Set up VLAN interface settings on the switch. It's important to have distinct configurations for each VLAN to ensure proper IGMP operation. 3. Multicast Filtering: o Use IGMP filtering to control the propagation of IGMP traffic through the network. This involves configuring filters on a switch virtual interface (SVI), per-port, or per-port per-VLAN basis. Multicast filtering helps manage IGMP snooping and controls multicast traffic forwarding effectively.

Affected Vendors

Affected Products (6)

Affected Sectors

Commercial Facilities, Critical Manufacturing, Energy