Researchers Uncover Schneider Electric Data Centre System Flaw

Security researchers at Positive Technologies have discovered a worrying security vulnerability in a data centre monitoring system that could have allowed attackers to remotely access unencrypted passwords.

The flaw affects the Schneider Electric StruxureWare Data Center Expert, which is software designed to monitor the physical infrastructure at a data centre including cooling, backup generators, video surveillance and fire suppression.

Password Storage

Positive Technologies rated the flaw as 7.6 on the CVSS v3 scale, and Schneider Electric has now issued a patch for it.

The company said that this high score reflects the ability of an outsider to obtain remote access to sensitive information held in the critical data centre support systems that are connected to StruxureWare Data Center Expert.

Essentially, the flaw could have allowed an attacker to recover passwords from RAM on the client side of the platform, as the passwords were held in memory in unencrypted cleartext form.

“A hacker could use this flaw to penetrate the internal network at a data centre, obtain confidential information, or even cause physical harm,” said Ilya Karpov, Head of the ICS Research and Audit Unit at Positive Technologies.

“Data Centre Infrastructure Management (DCIM) platforms have the ‘keys to the kingdom’ at a data centre, since they are connected to all installed systems,” he added.

“A vulnerability such as this threatens the functioning of critical systems on which data centres depend: video surveillance, fire suppression, backup generators and generator control units, switches, pumps, UPS systems, and precision cooling.”

Patch Now

Schneider Electric is now urging all customers using StruxureWare Data Center Expert to upgrade to version 7.4 immediately.

“Schneider Electric has become aware of a vulnerability in StruxureWare Data Center Expert 7.3.1.114 and 7.2.4 and earlier versions of the product,” said the firm in its patch documentation. “Special thanks to Ilya Karpov of Positive Technologies who discovered the vulnerability.”

This is not the first time that flaws have been discovered with Schneider Electric products.

In November 2016, for example, security firm Critifence found two “PanelShock” bugs that could have allowed an attacker to overload a line of display panels made by the French industrial control systems giant and effectively take them offline.

And Positive Technologies researchers have also previously discovered vulnerabilities in Schneider Electric Wonderware Information Server back in 2013 and 2014.

And in 2015 Ilya Karpov identified an issue involving unencrypted storage of passwords in InTouch Machine Edition 2014.

Supervisory control and data acquisition (SCADA) systems allow industrial devices to be monitored and controlled remotely.

Security experts have long warned of the potential risks as critical infrastructure is linked to such networks.

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...
