Client Application Firewall
Schneider.Electric.Products.Authentication.Bypass
Description
This indicates the detection of an attack against an Authentication Bypass vulnerability in Schneider Electric EcoStruxure Process Expert, EcoStruxure Control Expert, SCADAPack RemoteConnect for x70, SCADAPack x70 RTUs and Modicon Controllers M580 and M340.
The vulnerability exists due to a weak authentication mechanism in the application. By spoofing the Modbus communication between the engineering software and the controller, an attacker could gain unauthorized read and write access to the controller.
Affected Products
EcoStruxure Control Expert, all versions prior to V15.0 SP1
EcoStruxure Control Expert V15.0 SP1
EcoStruxure Process Expert, all versions
SCADAPack RemoteConnect for x70, all versions
Modicon M580 CPU (part numbers BMEP* and BMEH*), all versions
Modicon M340 CPU (part numbers BMXP34*), all versions
Impact
Security Bypass: Remote attackers can bypass security features of vulnerable systems.
Recommended Actions
Users should apply the solution provided by Schneider Electric.
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-194-01