ICSA-25-301-01  ·  Published 2025-10-14  ·  Source: CISA ICS-CERT

Schneider Electric EcoStruxure

CVSS 7.5 HIGH

CVEs (1)

Remediations

  • Version SV2.01 SP3 of EcoStruxure OPC UA Server Expert includes a fix for this vulnerability and is available for download here: https://www.se.com/ww/en/product-range/66388-ecostruxure-opc-ua-server-expert/#software-and-firmware
  • If customers choose not to apply the remediation above, they should immediately apply the following mitigations to reduce the risk of exploitation:
      • Set the “Security Policy” to Basic256-Sha256 (the default, indicated by the unchecked “Security Policy” setting); it is used for secure communication between OPC UA client and server according to the OPC UA standard.
      • Ensure that the “Anonymous user token” setting remains unchecked (unchecked by default) to prevent anonymous authentication.
      • Enable the “User authentication” setting (checked by default); it is used to authenticate and authorize OPC UA clients.
      • Enable the “X509 user token” setting (checked by default); it is used to authenticate and authorize OPC UA clients.
      • For more details, refer to the “EcoStruxure OPC UA Server Expert User Guide”, chapter “Security Management”: https://www.se.com/ww/en/download/document/MFR53158/
      • Follow the workstation, network and site-hardening guidelines in the “Recommended Cybersecurity Best Practices”: https://www.se.com/ww/en/download/document/7EN52-0390/
  • Schneider Electric is establishing a remediation plan for all future versions of EcoStruxure Modicon Communication Server that will include a fix for this vulnerability. We will update this document when the remediation is available. Until then, customers should immediately apply the following mitigations to reduce the risk of exploitation:
      • Set the “Security Policy” to Basic256-Sha256 (the default, indicated by the unchecked “Security Policy” setting); it is used for secure communication between OPC UA client and server according to the OPC UA standard.
      • Ensure that the “Anonymous user token” setting remains unchecked (unchecked by default) to prevent anonymous authentication.
      • Enable the “User authentication” setting (checked by default); it is used to authenticate and authorize OPC UA clients.
      • Enable the “X509 user token” setting (checked by default); it is used to authenticate and authorize OPC UA clients.
      • For more details, refer to the “EcoStruxure Modicon Server User Guide”, chapter “Security Settings”: https://www.se.com/fr/fr/download/document/EIO0000004083/
      • Follow the workstation, network and site-hardening guidelines in the “Recommended Cybersecurity Best Practices”: https://www.se.com/ww/en/download/document/7EN52-0390/
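The two mitigation lists above (for OPC UA Server Expert and for Modicon Communication Server) describe the same four endpoint settings. The following is an added example, not code from the advisory or from Schneider Electric: it audits the endpoint descriptions an OPC UA server returns in its GetEndpoints response against those settings. The endpoint data below is constructed; the field names and token type names follow the OPC UA EndpointDescription and UserTokenType definitions, and how you obtain them (for example with an OPC UA client library) is up to you.

```python
from dataclasses import dataclass, field

# Security policy the advisory tells operators to select for the server.
BASIC256SHA256 = "http://opcfoundation.org/UA/SecurityPolicy#Basic256Sha256"


@dataclass
class EndpointDescription:
    """Subset of the fields an OPC UA GetEndpoints response carries per endpoint."""
    endpoint_url: str
    security_policy_uri: str
    # Names of the OPC UA UserTokenType values the endpoint accepts
    # (Anonymous, UserName, Certificate, IssuedToken).
    user_token_types: list = field(default_factory=list)


def audit_endpoint(ep: EndpointDescription) -> list:
    """Return one finding per deviation from the advisory's mitigations."""
    findings = []
    if ep.security_policy_uri != BASIC256SHA256:
        findings.append("security policy is not Basic256Sha256")
    if "Anonymous" in ep.user_token_types:
        findings.append("anonymous user token accepted")
    if "UserName" not in ep.user_token_types:
        findings.append("username/password user token not offered")
    if "Certificate" not in ep.user_token_types:
        findings.append("X509 certificate user token not offered")
    return findings


def audit_server(endpoints: list) -> dict:
    """Map each endpoint URL to its findings; an empty list means it is compliant."""
    return {ep.endpoint_url: audit_endpoint(ep) for ep in endpoints}


# Constructed sample: one endpoint left at a weak configuration, one hardened as advised.
SAMPLE_ENDPOINTS = [
    EndpointDescription("opc.tcp://plc-gw.example:4840/weak",
                        "http://opcfoundation.org/UA/SecurityPolicy#None",
                        ["Anonymous"]),
    EndpointDescription("opc.tcp://plc-gw.example:4840/hardened",
                        BASIC256SHA256,
                        ["UserName", "Certificate"]),
]

if __name__ == "__main__":
    for url, findings in audit_server(SAMPLE_ENDPOINTS).items():
        print(url, "OK" if not findings else "; ".join(findings))
```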

Affected Vendors

Schneider Electric

Affected Products (3)

Schneider Electric · EcoStruxure OPC UA Server Expert <SV2.01_SP3
Schneider Electric · EcoStruxure OPC UA Server Expert SV2.01_SP3
Schneider Electric · EcoStruxure Modicon Communication Server vers:all/*

Affected Sectors

Commercial Facilities, Critical Manufacturing, Energy
