Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

ICS/OT

Critical Flaws Patched in Schneider Building Automation Software

Schneider Electric recently patched four vulnerabilities in its U.motion Builder software, including two critical command execution flaws. Advisories have been published by both the vendor and ICS-CERT.

Schneider Electric recently patched four vulnerabilities in its U.motion Builder software, including two critical command execution flaws. Advisories have been published by both the vendor and ICS-CERT.

Schneider Electric’s U.motion is a building automation solution used around the world mainly in the energy, critical manufacturing and commercial facilities sectors. U.motion Builder is a tool designed for creating projects for U.motion devices.

A Chinese researcher who uses the online moniker “bigric3” discovered that U.motion Builder is affected by a critical stack-based buffer overflow vulnerability (CVE-2018-7784).

“This exploit occurs when the submitted data of an input string is evaluated as a command by the application,” Schneider said in an advisory. “In this way, the attacker could execute code, read the stack, or cause a segmentation fault in the running application.”

Another critical flaw discovered by bigric3 is CVE-2018-7785, which has been described as a remote command injection issue that can lead to authentication bypass.

Both these security holes have been assigned CVSS scores of 10. They can be exploited remotely even by an attacker with a low skill level.

Advertisement. Scroll to continue reading.

Register for SecurityWeek’s 2018 ICS Cyber Security Conference

Bigric3 has also been credited for finding a medium severity cross-site scripting (XSS) vulnerability in the U.motion Builder application.

Another flaw in U.motion Builder was discovered by Wei Gao of Ixia. The researcher found that the “improper validation of input of context parameter in an HTTP GET request” can lead to the disclosure of sensitive information. This issue has also been classified as having medium severity.

Schneider patched these vulnerabilities with the release of version 1.3.4. All prior versions are impacted.

In addition to the patch, ICS-CERT and the U.S. National Cybersecurity & Communications Integration Center (NCCIC) have provided a series of general recommendations for minimizing the risk of attacks.

Related: Schneider Electric Patches 16 Flaws in Building Automation Software

Related: Unpatched Flaws in Schneider Electric U.motion Builder Disclosed

Written By

Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

BlueVoyant has appointed Ravi Subramanian as CFO and Jamie Coleman as CCO.

Solana Foundation has appointed Michael Coates as Chief Information Security Officer.

Michael Sikorski has joined Coinbase as Chief Information Security Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.