Help
  • Explore Community
  • Get Started
  • Ask the Community
  • How-To & Best Practices
  • Contact Support
Notifications
Login / Register
Community
Community
Notifications
close
  • Forums
  • Knowledge Center
  • Events & Webinars
  • Ideas
  • Blogs
Help
Help
  • Explore Community
  • Get Started
  • Ask the Community
  • How-To & Best Practices
  • Contact Support
Login / Register
Sustainability
Sustainability

We Value Your Feedback!
Could you please spare a few minutes to share your thoughts on Cloud Connected vs On-Premise Services. Your feedback can help us shape the future of services.
Learn more about the survey or Click here to Launch the survey
Schneider Electric Services Innovation Team!

Critical Zero-Day Vulnerability 2023-09-28 - Are we exposed?

EcoStruxure IT forum

Schneider Electric support forum about installation and configuration for DCIM including EcoStruxure IT Expert, IT Advisor, Data Center Expert, and NetBotz

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
  • Home
  • Schneider Electric Community
  • EcoStruxure IT
  • EcoStruxure IT forum
  • Critical Zero-Day Vulnerability 2023-09-28 - Are we exposed?
Options
  • Mark Topic as New
  • Mark Topic as Read
  • Float this Topic for Current User
  • Bookmark
  • Subscribe
  • Mute
  • Printer Friendly Page
Invite a Co-worker
Send a co-worker an invite to the portal.Just enter their email address and we'll connect them to register. After joining, they will belong to the same company.
You have entered an invalid email address. Please re-enter the email address.
This co-worker has already been invited to the Exchange portal. Please invite another co-worker.
Please enter email address
Send Invite Cancel
Invitation Sent
Your invitation was sent.Thanks for sharing Exchange with your co-worker.
Send New Invite Close
Top Experts
User Count
Cory_McDonald
Admiral Cory_McDonald Admiral
124
Jef
Admiral Jef Admiral
109
gsterling
Captain gsterling Captain
71
APC_Steve
Captain APC_Steve Captain
62
View All

Invite a Colleague

Found this content useful? Share it with a Colleague!

Invite a Colleague Invite
Back to EcoStruxure IT forum
peter-ries
peter-ries
Cadet

Posted: ‎2023-09-28 12:08 PM

1 Like
2
1148
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2023-09-28 12:08 PM

Critical Zero-Day Vulnerability 2023-09-28 - Are we exposed?

Please advise if the Data Centre Expert and IT Advisor Software are at risk by the most recent vulnerability called: Critical Zero-Day Vulnerability 2023-09-28

Summary:

  • The vulnerability was initially reported by Google on Sep 12, however, investigation of active related exploits resulted in their report being upgraded to a critical vulnerability this morning (score of High 8.8/10) due to the multiple products that can be leveraged on multiple technologies, devices and platforms.
  • POTENTIAL IMPACTS:
    • Exploiting this vulnerability would allow malicious actors to execute code remotely on a vulnerable machine, which could lead to malware being introduced into the environment, ability for the threat actor to gain complete control over devices without any user actions (in other words, no one needs to click on anything at our end), as well as a high potential for establishing a persistent connection or back door into the device (ability to access the device “unnoticed” in the future).
  • VULNERABILITIES BEING LEVERAGED:
    • Most if not every Commercial off-the-shelf (COTS), many custom applications and development platforms, operating systems, browsers and devices leveraging the “libwebp” library are vulnerable. This library is leveraged by millions of applications worldwide.

 

Labels
  • Labels:
  • Data Center Expert
  • IT Advisor
  • Tags:
  • english
Reply

Link copied. Please paste this link to share this article on your social media post.

  • All forum topics
  • Previous Topic
  • Next Topic
Replies 2
LarryK
Lt. Commander LarryK
Lt. Commander

Posted: ‎2023-09-29 10:06 AM

0 Likes
0
1087
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2023-09-29 10:06 AM

Following...

Reply

Link copied. Please paste this link to share this article on your social media post.

gsterling
Captain gsterling Captain
Captain

Posted: ‎2023-10-02 04:32 AM

1 Like
0
1101
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2023-10-02 04:32 AM

Hello Peter. I had sent you a note via the email you had forwarded to me pertaining to this topic. Pasting comments from the email below to this post.

 

From a Schneider standpoint, the authority regarding vulnerabilities for all Schneider products is the Schneider cyber portal page at https://www.se.com/ww/en/work/support/cybersecurity/security-notifications.jsp

 

The Schneider Cyber portal mentioned above should be considered the source of truth.

 

If ITA and DCE are not listed as being vulnerable to this specific zero-day vulnerability, then you should consider them as not impacted. Given this vulnerability is still quite recent, I'd suggest you subscribe to be notified on the Cyber portal in case the status changes. As of today (Oct 2, 2023) neither DCE nor ITA is identified as being impacted by this vulnerability.

 

I did check where Redhat has responded to this threat. Redhat has responded to CVE-2023-5217 on this page https://access.redhat.com/security/cve/cve-2023-5217 . The zero day vulnerability does apply to Redhat 8x operating systems when the thunderbird, libwebp modules or libvpx library are present. These modules appear to be installed as dependencies when/if browser like chrome or firefox are installed in the OS.

 

I checked online and offline ITA servers. These rpm’s/modules are not part of the ITA online or offline iso’s. When I installed firefox on one of my ITA servers I did indeed see the libvpx and libwebp libraries were also installed. This would lead me to believe your ITA server is safe as long as your team did not install a browser on the server.

 

Regards

 

Greg Sterling

Reply

Link copied. Please paste this link to share this article on your social media post.

Preview Exit Preview

never-displayed

You must be signed in to add attachments

never-displayed

 
To The Top!

Forums

  • APC UPS Data Center Backup Solutions
  • EcoStruxure IT
  • EcoStruxure Geo SCADA Expert
  • Metering & Power Quality
  • Schneider Electric Wiser

Knowledge Center

Events & webinars

Ideas

Blogs

Get Started

  • Ask the Community
  • Community Guidelines
  • Community User Guide
  • How-To & Best Practice
  • Experts Leaderboard
  • Contact Support
Brand-Logo
Subscribing is a smart move!
You can subscribe to this board after you log in or create your free account.
Forum-Icon

Create your free account or log in to subscribe to the board - and gain access to more than 10,000+ support articles along with insights from experts and peers.

Register today for FREE

Register Now

Already have an account? Login

Terms & Conditions Privacy Notice Change your Cookie Settings © 2025 Schneider Electric

This is a heading

With achievable small steps, users progress and continually feel satisfaction in task accomplishment.

Usetiful Onboarding Checklist remembers the progress of every user, allowing them to take bite-sized journeys and continue where they left.

of