#VU58500 Insufficient Entropy in Schneider Electric Hardware solutions


Published: 2021-12-03

Vulnerability identifier: #VU58500

Vulnerability risk: Low

CVSSv3.1: 3.3 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-22799

CWE-ID: CWE-331

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Software Update
Client/Desktop applications / Other client software
EcoStruxure Operator Terminal Expert
Client/Desktop applications / Other client software
SoMove
Client/Desktop applications / Other client software
EcoStruxure Augmented Operator Advisor
Server applications / Other server solutions
EcoStruxure Machine Expert Basic
Server applications / Other server solutions
EcoStruxure Plant Builder
Server applications / Other server solutions
EcoStruxure Power Design
Server applications / Other server solutions
EcoStruxure Automation Expert
Server applications / Other server solutions
EcoStruxure Automation Maintenance Expert
Server applications / Other server solutions
Eurotherm Data Reviewer
Server applications / Other server solutions
Eurotherm iTools
Server applications / Other server solutions
eXLhoist Configuration
Server applications / Other server solutions
Schneider Electric Floating License Manager
Server applications / Other server solutions
Schneider Electric License Manager
Server applications / Other server solutions
Harmony XB5SSoft
Server applications / Other server solutions
Versatile Software BLUE
Server applications / Other server solutions
Vijeo Designer
Server applications / Other server solutions
OsiSense XX Configuration Software
Server applications / Other server solutions
EcoStruxure Control Expert
Server applications / SCADA systems
EcoStruxure Process Expert
Server applications / SCADA systems
EcoStruxure Machine Expert
Server applications / SCADA systems
Zelio Soft 2
Hardware solutions / Firmware

Vendor: Schneider Electric

Description

The vulnerability allows a local user to gain access to sensitive information on the system.

The vulnerability exists due to insufficient entropy issue. A local user can decrypt the SESU proxy password from the registry.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Software Update: 2.3.0 - 2.5.1

EcoStruxure Augmented Operator Advisor: All versions

EcoStruxure Control Expert: All versions

EcoStruxure Process Expert: All versions

EcoStruxure Machine Expert: All versions

EcoStruxure Machine Expert Basic: All versions

EcoStruxure Operator Terminal Expert: All versions

EcoStruxure Plant Builder: All versions

EcoStruxure Power Design: All versions

EcoStruxure Automation Expert: All versions

EcoStruxure Automation Maintenance Expert: All versions

Eurotherm Data Reviewer: All versions

Eurotherm iTools: All versions

eXLhoist Configuration: All versions

Schneider Electric Floating License Manager: All versions

Schneider Electric License Manager: All versions

Harmony XB5SSoft: All versions

SoMove: All versions

Versatile Software BLUE: All versions

Vijeo Designer: All versions

OsiSense XX Configuration Software: All versions

Zelio Soft 2: All versions

External links
http://ics-cert.us-cert.gov/advisories/icsa-21-336-01
http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-313-02

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Information disclosure in Schneider Electric SESU