ICSA-24-345-03 · Published 2024-07-09
Schneider Electric FoxRTU Station
CVSS 7.3 (HIGH)
CVEs (1)
Remediations
- Version 9.3.0 of FoxRTU Station includes a fix for this vulnerability. Please contact your local Service Representative or Schneider Electric Process Automation Global Customer Support Center for information on how to download and install this fix: Process Automation | Global Customer Support (se.com). Please follow the instructions in Chapter 12 of User Guide B0780AE rev. P, “Security: Securing a Project” to encrypt and password protect project files.
- As the identified vulnerability requires file write access on the machine on which FoxRTU Station is installed, proper file system access control restrictions should be implemented to prevent unauthorized users from editing FoxRTU Station project files or placing malicious DLLs in accessible directories.
  - Store the project files in a secure storage and restrict the access to only trusted users.
  - When exchanging files over the network, use secure communication protocols.
  - Encrypt project files when stored.
  - Only open project files received from a trusted source.
  - Compute a hash of the project files and regularly check the consistency of this hash to verify the integrity before usage.
  - Follow workstation, network and site-hardening guidelines in the Recommended Cybersecurity Best Practices available here: https://www.se.com/us/en/download/document/7EN52-0390/
  - To ensure you are informed of all updates, including details on affected products and remediation plans, subscribe to Schneider Electric’s security notification service here: https://www.se.com/en/work/support/cybersecurity/security-notifications.jsp
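
One way to carry out the hash check recommended above, as an added example that is not part of the advisory or of any Schneider Electric tooling: it records a SHA-256 baseline for a project directory and later reports modified, missing and newly appeared files (such as a DLL that was not there before). The file names are constructed placeholders, and the baseline is assumed to be stored outside the project directory where users with write access to the project files cannot change it.

```python
import hashlib
import tempfile
from pathlib import Path

def sha256_file(path: Path) -> str:
    """Stream the file so large project archives are not loaded into memory."""
    digest = hashlib.sha256()
    with path.open("rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()

def build_manifest(root: Path) -> dict:
    """Map every file under root (relative path) to its SHA-256 digest."""
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}

def verify(root: Path, baseline: dict) -> dict:
    """Compare the directory against a baseline kept outside the directory,
    in a location that users who can write project files cannot modify."""
    current = build_manifest(root)
    return {
        "modified": sorted(n for n in baseline
                           if n in current and current[n] != baseline[n]),
        "missing": sorted(n for n in baseline if n not in current),
        # New files matter here: the advisory warns about DLLs being
        # placed in accessible directories.
        "unexpected": sorted(n for n in current if n not in baseline),
    }

def demo() -> dict:
    """Constructed sample: file names and contents are placeholders."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "plant_a.project").write_bytes(b"constructed project data v1")
        (root / "notes.txt").write_bytes(b"constructed notes")
        baseline = build_manifest(root)  # taken while the files are trusted
        (root / "plant_a.project").write_bytes(b"constructed project data v2")
        (root / "notes.txt").unlink()
        (root / "helper.dll").write_bytes(b"constructed unexpected file")
        return verify(root, baseline)

if __name__ == "__main__":
    print(demo())
```

Any non-empty list in the report is a reason to stop and investigate before opening the project in FoxRTU Station.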
Affected Vendors
Schneider Electric
Affected Products (2)
- Schneider Electric · FoxRTU Station <9.3.0
- Schneider Electric · FoxRTU Station 9.3.0
Affected Sectors
Multiple