Schneider Electric has published new firmware for its StruxureWare Building Expert building automation system that patches a remotely exploitable vulnerability.
Tag Archives: Schneider Electric
Risky Schneider Electric SCADA Vulnerabilities Remain Unpatched
Vulnerabilities in Schneider Electric SCADA gear remain unpatched close to two weeks after they were disclosed during DEF CON.
TCP Vulnerability Haunts Wind River VxWorks Embedded OS
There is a TCP prediction vulnerability in Wind River’s widely deployed VxWorks embedded software that can enable an attacker to disrupt or spoof the TCP connections to and from target devices. VxWorks is an embedded operating system that’s used in a large number of ICS products that are deployed in sectors such as energy, water, […]
Hard-Coded FTP Credentials Found in Schneider Electric SCADA Gateway
Two flaws in Schneider Electric’s ETG3000 FactoryCast HMI Gateway allow unauthenticated remote access to the device’s FTP server and configuration file.