Vulnerability identifier: #VU58500
Vulnerability risk: Low
CVSSv3.1: 3.3 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-331
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Software Update
Client/Desktop applications /
Other client software
EcoStruxure Operator Terminal Expert
Client/Desktop applications /
Other client software
SoMove
Client/Desktop applications /
Other client software
EcoStruxure Augmented Operator Advisor
Server applications /
Other server solutions
EcoStruxure Machine Expert Basic
Server applications /
Other server solutions
EcoStruxure Plant Builder
Server applications /
Other server solutions
EcoStruxure Power Design
Server applications /
Other server solutions
EcoStruxure Automation Expert
Server applications /
Other server solutions
EcoStruxure Automation Maintenance Expert
Server applications /
Other server solutions
Eurotherm Data Reviewer
Server applications /
Other server solutions
Eurotherm iTools
Server applications /
Other server solutions
eXLhoist Configuration
Server applications /
Other server solutions
Schneider Electric Floating License Manager
Server applications /
Other server solutions
Schneider Electric License Manager
Server applications /
Other server solutions
Harmony XB5SSoft
Server applications /
Other server solutions
Versatile Software BLUE
Server applications /
Other server solutions
Vijeo Designer
Server applications /
Other server solutions
OsiSense XX Configuration Software
Server applications /
Other server solutions
EcoStruxure Control Expert
Server applications /
SCADA systems
EcoStruxure Process Expert
Server applications /
SCADA systems
EcoStruxure Machine Expert
Server applications /
SCADA systems
Zelio Soft 2
Hardware solutions /
Firmware
Vendor: Schneider Electric
Description
The vulnerability allows a local user to gain access to sensitive information on the system.
The vulnerability exists due to insufficient entropy issue. A local user can decrypt the SESU proxy password from the registry.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Software Update: 2.3.0 - 2.5.1
EcoStruxure Augmented Operator Advisor: All versions
EcoStruxure Control Expert: All versions
EcoStruxure Process Expert: All versions
EcoStruxure Machine Expert: All versions
EcoStruxure Machine Expert Basic: All versions
EcoStruxure Operator Terminal Expert: All versions
EcoStruxure Plant Builder: All versions
EcoStruxure Power Design: All versions
EcoStruxure Automation Expert: All versions
EcoStruxure Automation Maintenance Expert: All versions
Eurotherm Data Reviewer: All versions
Eurotherm iTools: All versions
eXLhoist Configuration: All versions
Schneider Electric Floating License Manager: All versions
Schneider Electric License Manager: All versions
Harmony XB5SSoft: All versions
SoMove: All versions
Versatile Software BLUE: All versions
Vijeo Designer: All versions
OsiSense XX Configuration Software: All versions
Zelio Soft 2: All versions
External links
http://ics-cert.us-cert.gov/advisories/icsa-21-336-01
http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-313-02
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.