SEVD-2023-318-01 – Schneider Electric Security Advisory

Schneider Electric addresses security vulnerabilities in their PowerLogic ION8650 and PowerLogic ION8800 products, which are power quality meters used for utility electrical network monitoring. Key takeaways from the document include:

  1. Vulnerabilities Identified: Two primary vulnerabilities have been identified:
    • CVE-2023-5984: A high-severity vulnerability (CVSS score 7.2) allowing the upload of modified firmware by an admin user during a firmware update process.
    • CVE-2023-5985: A medium-severity vulnerability (CVSS score 4.8) that could compromise a user’s browser if an attacker with admin privileges has modified system values.
  2. Affected Products and Versions: Both vulnerabilities affect all versions of the ION8650 and ION8800 products.
  3. Mitigation Steps: Schneider Electric advises immediate actions to mitigate these risks:
    • Download and verify the integrity of firmware from the official product pages.
    • Ensure device firmware is up-to-date and disable web service if not necessary for operation.
  4. General Security Recommendations: The document also suggests industry cybersecurity best practices, such as using firewalls, isolating networks, controlling physical access, and securing remote access.