Full Report
[Control systems] Schneider Electric security advisory (AV26-119)
Analysis Summary
This summary compiles key information from the Schneider Electric Security Advisory AV26-119 based on the provided context. Please note that the specific CVE IDs, CVSS scores, technical details, and exploitation status were not explicitly listed in the provided text, so placeholders are used where that detailed information is typically sourced from the linked advisories.
# Vulnerability: Schneider Electric Product Vulnerabilities (AV26-119)
## CVE Details
- CVE ID: [Not explicitly provided in summary text; must consult linked advisories]
- CVSS Score: [Not explicitly provided in summary text; must consult linked advisories] ([Severity])
- CWE: [Weakness type if available]
## Affected Systems
- Products:
- EcoStruxure Building Operation Workstation and WebStation
- SCADAPack 47x/47xi
- SCADAPack 57x
- RemoteConnect
- Versions:
- EcoStruxure Building Operation (Workstation/WebStation):
- 7.0.x versions prior to 7.0.3.2000 (CP1)
- 6.x versions prior to 6.0.4.14001 (CP10)
- SCADAPack 47x/47xi: Firmware versions prior to 9.12.2 (or R3.4.2)
- SCADAPack 57x: All versions
- RemoteConnect: versions prior to R3.4.2
- Configurations: [Not explicitly specified in the high-level summary]
## Vulnerability Description
The advisory addresses multiple vulnerabilities across various control system products managed by Schneider Electric. These include flaws related to improper handling of unusual or exceptional conditions and other unspecified security weaknesses as detailed in the linked SE advisories.
## Exploitation
- Status: [Unknown based on this summary; requires consulting linked advisories to check for exploitation status]
- Complexity: [Unknown]
- Attack Vector: [Unknown, but likely covers Network, Adjacent, or Local depending on the specific flaw]
## Impact
- Confidentiality: [Impact level depends on specific CVE]
- Integrity: [Impact level depends on specific CVE]
- Availability: [Impact level depends on specific CVE]
## Remediation
### Patches
Users must apply the following specific updates released by Schneider Electric:
- EcoStruxure Building Operation Workstation/WebStation 7.0.x: Update to version **7.0.3.2000 (CP1)** or later.
- EcoStruxure Building Operation Workstation/WebStation 6.x: Update to version **6.0.4.14001 (CP10)** or later.
- SCADAPack 47x/47xi: Update firmware to **9.12.2** or later (or R3.4.2 or later).
- RemoteConnect: Update to version **R3.4.2** or later.
*(Note: SCADAPack 57x requires updating due to containing critical flaws, although a specific version number for replacement is not listed; the vendor advisory should be checked.)*
### Workarounds
The Cyber Centre "encourages users and administrators to review the provided web links [and] perform the suggested mitigations." (Specific workarounds are not itemized in this summary text.)
## Detection
- Indicators of compromise: [Not provided in this summary]
- Detection methods and tools: [Not provided in this summary, but users should check vendor advisories for specific IoCs.]
## References
- Vendor Advisories:
- Multiple Vulnerabilities on EcoStruxure Building Operation Workstation and EcoStruxureTM Building Operation Webstation: hxxps://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-041-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-041-02.pdf
- Improper Check for Unusual or Exceptional Conditions on Multiple Products: hxxps://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-041-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-041-01.pdf
- Schneider Electric Security Notifications: hxxps://www.se.com/ww/en/work/support/cybersecurity/security-notifications.jsp
- Relevant links: Canadian Centre for Cyber Security AV26-119 Advisory Notification.