Critical CVE-2023–4863 – LibWebP Image Processing Vulnerability

MikeH1 · ‎2023-10-03

Wondering if there is any exposure for EcoStruxure IT or DCE for recent CVE-2023–4863 – LibWebP Image Processing Vulnerability? Not seeing anything in the security notifications.

gsterling · ‎2023-10-23

Hello. Schneider Electric maintains a public page which lists known cyber security vulnerabilities with its products. You can also sign-up on this page to be alerted when new notices are posted.

https://www.se.com/ww/en/work/support/cybersecurity/security-notifications.jsp

According to the contend of the website, no Schneider product is listed as vulnerable to CVE-2023-4863. Please note, only known vulnerabilities are listed on the above page so if you do not find the CVE you're checking then that means Schneider products are not known to be vulnerable.

Regards

Greg Sterling