Serial number: AV24-570
Date: October 8, 2024
On October 8, 2024, Schneider Electric published advisories to address vulnerabilities in the following products:
- Data Center Expert – versions 8.1.1.3 and prior
- Easergy Studio – version 9.3.1 and prior
- EcoStruxure EV Charging Expert – versions prior to V6.0.0
- EcoStruxure™ Power Monitoring Expert (PME) – versions 2022 and prior
- EVlink Home Smart – versions prior to 2.0.6.0.0
- Harmony iPC – HMIBSC IIoT Edge Box Core – all versions, multiple products
- Schneider Charge – versions prior to 1.13.4
- System Monitor application in Harmony Industrial PC – all versions, multiple series
- System Monitor application in Pro-face Industrial PC PS5000 series – all versions
- Zelio Soft 2 – versions prior to 5.4.2.2
The Cyber Centre encourages users and administrators to review the provided web links, perform the suggested mitigations and apply the necessary updates.
This alert was originated From: Canadian Centre for Cyber Security
https://cyber.gc.ca/en/alerts-advisories/control-systems-schneider-electric-security-advisory-av24-570