Schneider Electric EcoStruxure Process Expert Privilege Escalation Vulnerability

A vulnerability allowing privilege escalation has been identified in Schneider Electric's EcoStruxure Process Expert and EcoStruxure Process Expert for AVEVA System Platform. This vulnerability arises from incorrect default permissions that could enable a local user with normal privileges to modify executable service binaries in the installation folder. Upon restarting the service, these modifications could be exploited to gain elevated privileges through a reverse shell.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing a user to gain elevated rights and potentially execute arbitrary commands with those privileges.

Remediation

Users of EcoStruxure Process Expert should upgrade to version 2025, which includes a fix for this vulnerability. For EcoStruxure Process Expert for AVEVA System Platform, Schneider Electric is developing a remediation plan for future versions that will address this vulnerability. In the meantime, users should apply application whitelisting at the system level to allow execution of authenticated applications and restrict access to the system to only necessary users.