Schneider Electric System Monitor Application

CVSS 6.9 MEDIUM CISA KEV — Known Exploited

CVEs (1)

CVE-2020-11023

Customer can uninstall System Monitor application using installer available for download here: https://www.se.com/ww/en/product-range/61054- harmony-industrial-pc/#software-and-firmware Please follow the steps described in the guideline attached as a .pdf in the downloaded uninstaller guide.
Customer can uninstall System Monitor application using installer available for download here: https://www.proface.com/en/product/ipc/ps5000/download Please follow the steps described in the guideline attached as a .pdf in the downloaded uninstaller guide.
If customers choose not to apply the remediation provided above, they should immediately apply the following mitigations to reduce the risk of exploit: • Stop the system monitor if not required by turning off the services as specified in user guide: o Harmony Industrial PC Series User Manual • Setup network segmentation and implement a firewall to block all unauthorized access to configured HTTP/HTTPS ports.
If customers choose not to apply the remediation provided above, they should immediately apply the following mitigations to reduce the risk of exploit: • Stop the system monitor if not required by turning off the services as specified in user guide: o Pro-face PS5000 legacy industrial PC Series User Manual • Setup network segmentation and implement a firewall to block all unauthorized access to configured HTTP/HTTPS ports.

Schneider Electric

Schneider Electric · Harmony Industrial PC vers:all/*

Schneider Electric · Pro-face Industrial PC vers:all/*

Commercial Facilities, Critical Manufacturing, Energy

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.