Schneider Electric Saitel DR and DP RTUs OS Command Injection Vulnerability

A command injection vulnerability has been identified in Schneider Electric's Saitel DR and Saitel DP Remote Terminal Units (RTUs). This vulnerability, categorized as OS Command Injection (CWE-78), allows for the execution of arbitrary shell commands via the BLMon Console during an SSH session. The issue is present in Saitel DR RTU versions through 11.06.29 and Saitel DP RTU versions through 11.06.33.

Impact

Exploitation of this vulnerability could lead to arbitrary code execution on the affected RTU.

Remediation

Users of Saitel DR RTU should upgrade to firmware version 11.06.30, while Saitel DP RTU users should upgrade to version 11.06.34. Both firmware versions include a fix for this vulnerability. After upgrading, a reboot is required to complete the process. For those who choose not to apply the update, it is recommended to restrict access to BLMon by limiting user permissions, implement firewall rules to control SSH access, and follow general cybersecurity best practices such as isolating control systems from business networks and using secure remote access methods.