Client Application Firewall

Schneider.Electric.Products.Authentication.Bypass

Description

This indicates the detection of an attack against an Authentication Bypass vulnerability in Schneider Electric EcoStruxure Process Expert, EcoStruxure Control Expert, SCADAPack RemoteConnect for x70, SCADAPack x70 RTUs and Modicon Controllers M580 and M340.
The vulnerability exists due to a weak authentication mechanism in the application. By spoofing the Modbus communication between the engineering software and the controller, an attacker could gain unauthorized read and write access to the controller.

Affected Products

EcoStruxure Control Expert, all versions prior to V15.0 SP1
EcoStruxure Control Expert V15.0 SP1 X X
EcoStruxure Process Expert, all versions
SCADAPack RemoteConnect for x70, all versions
Modicon M580 CPU (part numbers BMEP* and BMEH*), all versions
Modicon M340 CPU (part numbers BMXP34*), all versions

Impact

Security Bypass: Remote attackers can bypass security features of vulnerable systems.

Recommended Actions

Users should apply the solution provided by Schneider Electric.
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-194-01

Version Updates

Date Version Detail
2022-09-19 22.396 Sig Added
2022-09-08 22.388 Sig Added
2022-06-15 21.339
2022-05-03 20.308