Schneider Electric warns of multiple critical vulnerabilities in Zigbee communication modules affecting industrial products, with remote code execution risks.
Schneider Electric has disclosed critical security flaws in its Zigbee wireless communication modules. The vulnerabilities affect multiple industrial control products, including programmable logic controllers (PLCs) and energy management systems. CISA has issued an advisory urging immediate action.
Affected Products
- SY/ST Smart Relay Controllers (Versions 1.0.0 to 3.5.2)
- Zelio Logic PLCs with RF modules
- Saitel DR GSM/GPRS communication modules
Vulnerability Details
CVE-2023-XXXXX (CVSS 9.8): A buffer overflow in the Zigbee stack implementation allows unauthenticated attackers within radio range to execute arbitrary code. No user interaction is required.
CVE-2023-XXXXY (CVSS 8.4): Hard-coded cryptographic keys in firmware versions prior to 4.1.0 enable decryption of sensitive industrial data.
Mitigation Steps
- Immediate Action: Disconnect affected devices from networks
- Apply firmware updates from Schneider's security portal
- Replace devices running firmware older than v3.5.2 (end-of-life)
- Implement network segmentation for Zigbee-enabled devices
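An added example, not code from Schneider Electric or CISA: triaging a firmware inventory against the version thresholds stated in this advisory. The CSV layout, asset names and finding labels are constructed for illustration, and every row is assumed to be an SY/ST Smart Relay Controller, the only product with a version range listed here.

```python
import csv
import io

# Thresholds taken from the advisory text; everything else is an assumption.
OVERFLOW_RANGE = ((1, 0, 0), (3, 5, 2))  # affected versions listed for SY/ST relays
HARDCODED_KEY_FIXED = (4, 1, 0)          # firmware prior to this has hard-coded keys
EOL_BELOW = (3, 5, 2)                    # older than this: replace (end-of-life)
PATCHED = (4, 1, 1)                      # patch release
# Constructed sample inventory (hypothetical asset names and CSV layout).
SAMPLE_INVENTORY = """asset,firmware
relay-pump-01,v2.4.0
relay-pump-02,3.5.2
relay-intake-03,4.0.3
relay-intake-04,4.1.1
relay-lab-05,unknown
"""

def parse_version(text):
    """Return (major, minor, patch), or None if text is not a dotted version."""
    parts = text.strip().lstrip("vV").split(".")
    if len(parts) != 3 or not all(p.isdecimal() for p in parts):
        return None
    return tuple(int(p) for p in parts)

def triage(version_text):
    """Map one firmware string to (findings, action) using the thresholds above."""
    v = parse_version(version_text)
    if v is None:
        # Never treat an unreadable version as safe; send it for manual checking.
        return (["unknown-version"], "verify firmware manually")
    findings = []
    if OVERFLOW_RANGE[0] <= v <= OVERFLOW_RANGE[1]:
        findings.append("zigbee-buffer-overflow")
    if v < HARDCODED_KEY_FIXED:
        findings.append("hard-coded-keys")
    action = ("replace (end-of-life)" if v < EOL_BELOW
              else "update to v4.1.1" if v < PATCHED else "none")
    return (findings, action)

def triage_inventory(csv_text):
    """Return {asset: (findings, action)} for every row of the inventory."""
    rows = csv.DictReader(io.StringIO(csv_text))
    return {r["asset"]: triage(r["firmware"]) for r in rows}

if __name__ == "__main__":
    for asset, (findings, action) in triage_inventory(SAMPLE_INVENTORY).items():
        print(f"{asset:16} {','.join(findings) or '-':40} {action}")
```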
Timeline
- 2023-10-12: Vulnerabilities reported via CISA's ICS-CERT program
- 2023-11-30: Coordinated disclosure
- 2023-12-05: Patch release (v4.1.1)
Schneider confirms that active exploitation attempts have been detected in water treatment facilities. Industrial operators should reference CISA Alert AA23-XXX for detection signatures.