ICSA-25-010-02 · Published 2024-12-10
Schneider Electric Harmony HMI and Pro-Face HMI Products
CVSS 8.8 (HIGH)
CVEs (1)
Remediations
- Customers should immediately apply the following mitigations to reduce the risk of exploit:
  - Use the HMI only in a protected environment to minimize network exposure, and ensure that it is not accessible from the public internet or untrusted networks.
  - Set up network segmentation and implement a firewall to block all unauthorized access.
  - Restrict the use of unverifiable portable media.
  - Restrict application access to limit the transfer of firmware to the HMI.
  - Scan software and files for rootkits before use, and verify the digital signature.
  - When exchanging files over the network, use secure communication protocols.
Affected Vendors
Schneider Electric
Affected Products (2)
- Schneider Electric · Harmony with EcoStruxure™ Operator Terminal Expert runtime (vers:all/*)
- Schneider Electric · Pro-face HMI with Pro-face BLUE runtime (vers:all/*)
Affected Sectors
Chemical, Critical Manufacturing, Energy, Water and Wastewater Systems