Schneider Electric EcoStruxure Power Automation and Microgrid Operation WebHMI Component Insecure Default Password Vulnerability
Vulnerability
A vulnerability has been identified in the WebHMI component used in Schneider Electric's EcoStruxure Power Automation System User Interface and EcoStruxure Microgrid Operation Large. The vulnerability, categorized as CWE-1188 (Initialization of a Resource with an Insecure Default), allows an attacker who knows the factory-default credentials to execute unauthorized commands if those credentials have not been changed after first use. Additionally, the default username is not displayed correctly in the WebHMI interface.
Impact
Exploitation of this vulnerability could lead to unauthorized access to, and command execution within, the WebHMI application, potentially allowing manipulation of the monitored electrical networks or microgrid operations.
Remediation
Users can apply the hotfix WebHMI_Fix_users_for_Standard.V1, available through the Schneider Electric Customer Care Center. After applying the hotfix, follow the product's hardening guidelines and ensure that WebHMI is not exposed to the internet. For general cybersecurity best practices, consult the Schneider Electric Recommended Cybersecurity Best Practices document.
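To make the weakness described in the Vulnerability section and the intent of the remediation concrete, the following added example (not Schneider Electric's code, and not the WebHMI implementation) models a CWE-1188 login gate in Python. The account name "operator" and password "changeme" are constructed placeholders, not the product's real defaults; MIN_PASSWORD_LENGTH and the command string "ack_alarm" are likewise assumptions. VulnerableHMI ships a usable factory account and lets any successful login run commands; HardenedHMI flags that account as must-change, refuses commands until it is rotated, and rejects a "new" password equal to the default. The audit_default_credentials helper is the defender-side check: it reports accounts whose stored hash still verifies against the factory default, which is what an operator wants to know before and after applying a fix.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass

# Constructed placeholders for a factory-default account; NOT the product's real credentials.
FACTORY_DEFAULT_USER = "operator"
FACTORY_DEFAULT_PASSWORD = "changeme"
MIN_PASSWORD_LENGTH = 12  # assumed local policy, not a vendor value


def _derive(password: str, salt: bytes) -> bytes:
    """Salted PBKDF2 so stored credentials are never kept in plaintext."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)


@dataclass
class Account:
    username: str
    salt: bytes
    pw_hash: bytes
    must_change_password: bool = False


def make_account(username: str, password: str, must_change: bool = False) -> Account:
    salt = secrets.token_bytes(16)
    return Account(username, salt, _derive(password, salt), must_change)


def verify(account: Account, password: str) -> bool:
    """Constant-time comparison of the derived hash."""
    return hmac.compare_digest(account.pw_hash, _derive(password, account.salt))


class VulnerableHMI:
    """Before: a usable factory account is shipped and a successful login is
    all that gates command execution (the CWE-1188 pattern)."""

    def __init__(self) -> None:
        self.users = {
            FACTORY_DEFAULT_USER: make_account(FACTORY_DEFAULT_USER, FACTORY_DEFAULT_PASSWORD)
        }

    def run_command(self, username: str, password: str, command: str) -> str:
        acct = self.users.get(username)
        if acct is None or not verify(acct, password):
            return "denied: bad credentials"
        return f"executed: {command}"


class HardenedHMI(VulnerableHMI):
    """After: the factory account is flagged must_change_password, commands are
    refused until it is rotated, and the replacement may not be the default."""

    def __init__(self) -> None:
        self.users = {
            FACTORY_DEFAULT_USER: make_account(
                FACTORY_DEFAULT_USER, FACTORY_DEFAULT_PASSWORD, must_change=True
            )
        }

    def change_password(self, username: str, old: str, new: str) -> bool:
        acct = self.users.get(username)
        if acct is None or not verify(acct, old):
            return False
        # Refuse to "rotate" back onto the factory default or onto a short secret.
        if new == FACTORY_DEFAULT_PASSWORD or len(new) < MIN_PASSWORD_LENGTH:
            return False
        self.users[username] = make_account(username, new, must_change=False)
        return True

    def run_command(self, username: str, password: str, command: str) -> str:
        acct = self.users.get(username)
        if acct is None or not verify(acct, password):
            return "denied: bad credentials"
        if acct.must_change_password:
            return "denied: factory default credential still in use; change it first"
        return f"executed: {command}"


def audit_default_credentials(hmi: VulnerableHMI) -> list[str]:
    """Defender-side check: which accounts still authenticate with the factory
    default? Tests the stored hash rather than a flag, so it works on both classes."""
    return sorted(u for u, a in hmi.users.items() if verify(a, FACTORY_DEFAULT_PASSWORD))


if __name__ == "__main__":
    before = VulnerableHMI()
    print(before.run_command("operator", "changeme", "ack_alarm"))
    after = HardenedHMI()
    print(after.run_command("operator", "changeme", "ack_alarm"))
    after.change_password("operator", "changeme", "site-unique-passphrase-2024")
    print(after.run_command("operator", "site-unique-passphrase-2024", "ack_alarm"))
    print(audit_default_credentials(before), audit_default_credentials(after))
```

The audit function is the piece worth keeping after reading the advisory: a hotfix that renames or reseeds accounts only helps if no account still verifies against the shipped default, and checking the stored hash (rather than trusting a must-change flag) catches installations where the flag was cleared without an actual rotation.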
