[Control systems] Schneider Electric security advisory (AV24-570)

From: Canadian Centre for Cyber Security

Serial number: AV24-570
Date: October 8, 2024

On October 8, 2024, Schneider Electric published advisories to address vulnerabilities in the following products:

  • Data Center Expert – versions 8.1.1.3 and prior
  • Easergy Studio – version 9.3.1 and prior
  • EcoStruxure EV Charging Expert – versions prior to V6.0.0
  • EcoStruxure™ Power Monitoring Expert (PME) – versions 2022 and prior
  • EVlink Home Smart – versions prior to 2.0.6.0.0
  • Harmony iPC – HMIBSC IIoT Edge Box Core – all versions, multiple products
  • Schneider Charge – versions prior to 1.13.4
  • System Monitor application in Harmony Industrial PC – all versions, multiple series
  • System Monitor application in Pro-face Industrial PC PS5000 series – all versions
  • Zelio Soft 2 – versions prior to 5.4.2.2

The Cyber Centre encourages users and administrators to review the provided web links, perform the suggested mitigations and apply the necessary updates.

Report a problem on this page

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Please select all that apply:

Thank you for your help!

You will not receive a reply. For enquiries, please contact us.

Date modified: