Number: AV23-010
Date: January 10, 2023
On January 10, 2023, Schneider Electric published security advisories to address vulnerabilities in multiple products. Included were updates for the following:
- EcoStruxure Control Expert – all versions
- EcoStruxure Geo SCADA Expert 2019, 2020 and 2021 – versions prior to October 2022
- EcoStruxure Power SCADA Anywhere – versions 2022, 2021, 2020 R2, 2020, 9.0 and 8.x
- EcoStruxure Power SCADA Operation 2020 – multiple versions
- Ecostruxure Power Operation 2021 – versions 2021, 2021 CU1, 2021 CU2 and 2021 CU3
- EcoStruxure Process Expert – version V2020 and prior
- Modicon PLC and PAC – multiple versions and platforms
- PowerSCADA Expert – version 8.x
- Power SCADA Operation – version 9.0
The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates.