Schneider Electric RemoteConnect and SCADAPack x70 Utilities Deserialization Vulnerability Leading to Remote Code Execution

A deserialization vulnerability has been identified in all versions of Schneider Electric's RemoteConnect and SCADAPack x70 Utilities. This vulnerability allows for the potential loss of confidentiality and integrity, and could lead to remote code execution on the workstation of a non-admin authenticated user who opens a malicious project file.

Impact

Exploitation of this vulnerability could result in unauthorized remote code execution on the affected workstation.

Remediation

Schneider Electric is developing a remediation plan for future versions of RemoteConnect and SCADAPack x70 Utilities. Until this update is available, users should only open project files from trusted sources, verify the integrity of project files using hash checks, encrypt project files when stored, and use secure communication protocols for file exchanges. Additionally, follow the SCADAPack Security Guidelines.