Schneider Electric has alerted users to multiple vulnerabilities in its Trio Licensed and License-Free Data Radio products. These products are vital for long-range wireless data communications in SCADA and remote telemetry applications. Their vulnerability could lead to information disclosure or the installation of malicious code if not remediated.
- Trio Q-Series Ethernet Data Radio (versions prior to 2.7.0)
- Trio E-Series Ethernet Data Radio (all versions of models ER45e, EB45e, EH45e)
- Trio J-Series Ethernet Data Radio (all versions)
- CVE-2023-5629 (CVSS v3.1 Base Score 8.2, High Severity): A URL Redirection to Untrusted Site (‘Open Redirect’) vulnerability that could lead to phishing attempts over HTTP.
- CVE-2023-5630 (CVSS v3.1 Base Score 6.5, Medium Severity): A Download of Code Without Integrity Check vulnerability that allows a privileged user to install untrusted firmware.
Remediation and Mitigations:
- Firmware version 2.7.0 for the Trio Q-Series Data Radio includes a fix for CVE-2023-5629. Users are advised to follow the instructions in the Trio Q Data Radio User Manual for updating firmware.
- For the Trio E and Q Series radios, it’s recommended to use up-to-date browsers for login, as they automatically prevent “Open Redirect” HTTP attempts.
- The Trio E-Series Ethernet Data Radio has reached its end of life and is no longer supported.
- Schneider Electric is developing a remediation plan for future versions of the Trio J-Series Ethernet Data Radio to address these vulnerabilities.
General Security Recommendations:
- Isolate control and safety system networks behind firewalls.
- Install physical controls to prevent unauthorized access to industrial control and safety systems.
- Keep controllers in locked cabinets and never in “Program” mode.
- Connect programming software only to intended networks.
- Scan all methods of mobile data exchange before use.
- Minimize network exposure and ensure that devices are not accessible from the Internet.
- Use secure methods for remote access, like updated VPNs.
Special thanks to the UK’s National Cyber Security Centre (NCSC) for identifying and helping to coordinate a response to these vulnerabilities.
For more information and assistance, visit Schneider Electric’s Industrial Cybersecurity Services website or contact your local representative. Stay informed and protect your systems against emerging cybersecurity threats with our updates.
Source: Schneider Electric Security Notification, SEVD-2023-346-01