Schneider Electric published Security Advisories to highlight vulnerabilities in the following products:
- EcoStruxure Control Expert – version V15.0 SP1 and prior
- EcoStruxure Process Expert – version V2021 and prior
- Ritto Wiser Door – all versions
- SmartConnect Family – multiple versions and platforms
- Smart-UPS Family – multiple versions and platforms
In a statement, Schneider Electric advises the following:
"We recommend that customers immediately install available firmware updates provided below, which include remediations to reduce the risk of successful exploitation of these vulnerabilities. In addition, customers should also immediately ensure they have implemented cybersecurity best practices across their operations to protect themselves from exploitation of these vulnerabilities."
Customers are encouraged to perform the suggested mitigations and apply the necessary updates as soon as possible.
For a list of all affected models and how to apply the security updates, please visit Schneider Electric Security Notification