ICSA-25-030-03  ·  Published 2024-10-08

Schneider Electric System Monitor Application in Harmony and Pro-face PS5000 Legacy Industrial PCs

CVSS 9.8 CRITICAL

CVEs (1)

Remediations

  • Customers can uninstall the System Monitor application using the installer available for download here: https://www.se.com/ww/en/product-range/61054-harmony-industrial-pc/#software-and-firmware Customers should use appropriate patching methodologies when applying these patches to their systems. We strongly recommend the use of back-ups and evaluating the impact of these patches in a Test and Development environment or on an offline infrastructure. Contact Schneider Electric’s Customer Care Center if you need assistance removing a patch. Please follow the steps described in the guideline attached as a .pdf in the downloaded uninstaller guide. We strongly recommend the use of back-ups and evaluating the impact of this uninstaller in a Test and Development environment or on an offline infrastructure. Contact Schneider Electric’s Customer Care Center if you need assistance.
  • Customers can uninstall the System Monitor application using the installer available for download here: https://www.proface.com/en/product/ipc/ps5000/download Customers should use appropriate patching methodologies when applying these patches to their systems. We strongly recommend the use of back-ups and evaluating the impact of these patches in a Test and Development environment or on an offline infrastructure. Contact Schneider Electric’s Customer Care Center if you need assistance removing a patch. Please follow the steps described in the guideline attached as a .pdf in the downloaded uninstaller guide. We strongly recommend the use of back-ups and evaluating the impact of this uninstaller in a Test and Development environment or on an offline infrastructure. Contact Schneider Electric’s Customer Care Center if you need assistance.
  • If customers choose not to apply the remediation provided above, they should immediately apply the following mitigations to reduce the risk of exploit:
      • Stop the System Monitor if it is not required by turning off the services as specified in the user guide:
          o Harmony Industrial PC Series User Manual
      • Set up network segmentation and implement a firewall to block all unauthorized access to the configured HTTP/HTTPS ports.
  • If customers choose not to apply the remediation provided above, they should immediately apply the following mitigations to reduce the risk of exploit:
      • Stop the System Monitor if it is not required by turning off the services as specified in the user guide:
          o Pro-face PS5000 legacy industrial PC Series User Manual
      • Set up network segmentation and implement a firewall to block all unauthorized access to the configured HTTP/HTTPS ports.

Affected Vendors

Schneider Electric

Affected Products (2)

Schneider Electric · System Monitor application in Harmony Industrial PC vers:all/*
Schneider Electric · System Monitor application in Pro-face Industrial PC vers:all/*

Affected Sectors

Commercial Facilities, Critical Manufacturing, Energy
