Rewterz Threat Advisory – ICS: Schneider Electric EcoStruxure Power Monitoring and Power Operation Vulnerability

Rewterz Threat Advisory – ICS: Multiple Schneider Electric SpaceLogic C-Bus Toolkit Vulnerabilities

December 29, 2023

Rewterz Threat Alert – An Emerging Ducktail Infostealer – Active IOCs

December 29, 2023

Rewterz Threat Advisory – ICS: Schneider Electric EcoStruxure Power Monitoring and Power Operation Vulnerability

Severity

High

Analysis Summary

CVE-2023-5391

Schneider Electric Electric EcoStruxure Power Monitoring and Power Operation could allow a remote authenticated attacker to execute arbitrary code on the system, caused by deserialization of untrusted data. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.

Impact

Code Execution

Indicators Of Compromise

CVE

CVE-2023-5391

Affected Vendors

Schneider Electric

Affected Products

Schneider Electric EcoStruxure Power Monitoring Expert
Schneider Electric EcoStruxure Power Operation
Schneider Electric EcoStruxure Power SCADA Operation

Remediation

Refer to CISA Security Advisory for patch, upgrade or suggested workaround information.

CISA Security Advisory

Rewterz Threat Advisory – ICS: Multiple Schneider Electric SpaceLogic C-Bus Toolkit Vulnerabilities

Rewterz Threat Alert – An Emerging Ducktail Infostealer – Active IOCs

Rewterz Threat Advisory – ICS: Schneider Electric EcoStruxure Power Monitoring and Power Operation Vulnerability

Severity

Analysis Summary

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan