Schneider Electric published Security Advisories to highlight vulnerabilities in the following products:
- EcoStruxure Control Expert – version V15.0 SP1 and prior
- EcoStruxure Process Expert – version V2021 and prior
- Ritto Wiser Door – all versions
- SmartConnect Family – multiple versions and platforms
- Smart-UPS Family – multiple versions and platforms
In a statement, Schneider Electric advises the following:
"We recommend that customers immediately install available firmware updates provided below, which include remediations to reduce the risk of successful exploitation of these vulnerabilities. In addition, customers should also immediately ensure they have implemented cybersecurity best practices across their operations to protect themselves from exploitation of these vulnerabilities."
Customers are encouraged to perform the suggested mitigations and apply the necessary updates as soon as possible.
For a list of all affected models and how to apply the security updates, please visit Schneider Electric Security Notification
Security Alert: APC UPS vulnerability
Sourced by: Canadian Centre for Cyber Security
Looking for steps you can take to protect your organization’s networks and information from cyber threats? To get you started, the Canadian Centre for Cyber Security have summarized 13 security control categories that your organization can implement, covering:
- Incident Response Plan
- Multi-Factor Authentication
- Backing up and encrypting data
..and more
By implementing these controls, you can reduce your risks and improve your ability to respond to security incidents.
While it isn’t always necessary to implement all of the controls, it is encouraged to adopt as many as possible to enhance your cyber security.