March 12, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – ICS: Multiple Schneider Electric SpaceLogic C-Bus Toolkit Vulnerabilities
December 29, 2023Rewterz Threat Alert – An Emerging Ducktail Infostealer – Active IOCs
December 29, 2023Rewterz Threat Advisory – ICS: Multiple Schneider Electric SpaceLogic C-Bus Toolkit Vulnerabilities
December 29, 2023Rewterz Threat Alert – An Emerging Ducktail Infostealer – Active IOCs
December 29, 2023
Severity
High
Analysis Summary
CVE-2023-5391
Schneider Electric Electric EcoStruxure Power Monitoring and Power Operation could allow a remote authenticated attacker to execute arbitrary code on the system, caused by deserialization of untrusted data. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Code Execution
Indicators Of Compromise
CVE
- CVE-2023-5391
Affected Vendors
Schneider Electric
Affected Products
- Schneider Electric EcoStruxure Power Monitoring Expert
- Schneider Electric EcoStruxure Power Operation
- Schneider Electric EcoStruxure Power SCADA Operation
Remediation
Refer to CISA Security Advisory for patch, upgrade or suggested workaround information.