Schneider Electric SCADAPack and RemoteConnect

CVEs (1)

Remediations

• Version R3.4.2 (Firmware version 9.12.2) of SCADAPack™ 47x and SCADAPack™ 47xi includes a fix for this vulnerability and is available for download here: https://www.se.com/ww/en/download/document/RemoteConnect/
• Version R3.4.2 of RemoteConnect includes a fix for this vulnerability and is available for download here: https://www.se.com/ww/en/download/document/RemoteConnect/
• If customers choose not to apply the remediation provided above, they should immediately apply the following mitigations to reduce the risk of exploit: Follow the information according to SCADAPack™ Security Guidelines in section 8.3 Secured Communication. Also, apply the following standard practices to reduce the risk of exploit: • Setup network segmentation and implement the RTU firewall service to block all unauthorized access to services • Disable the logic debug service.
• Follow the information according to SCADAPack™ Security Guidelines in section 8.3 Secured Communication. Also, apply the following standard practices to reduce the risk of exploit • Setup network segmentation and implement the RTU firewall service to block all unauthorized access to services. • Disable the logic debug service.

Affected Vendors

Affected Products (11)

Affected Sectors

Energy