CVE-2020-7561

Vulnerability

The Easergy T300 product from Schneider Electric, running firmware versions 2.7 and prior, contains a missing authentication for critical function vulnerability (CWE-306) [1]. This flaw allows an attacker to access resources without proper authentication, leading to potential information exposure, denial of service, and remote code execution.

Exploitation

An attacker can exploit this vulnerability remotely over the network without any authentication or user interaction [1]. The CVSS vector string (AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H) indicates low attack complexity and no privileges required. By sending crafted requests to the affected device, an attacker can bypass authentication checks and interact with critical functions.

Impact

Successful exploitation grants the attacker unauthorized access to the internal product LAN, enabling exposure of sensitive information, denial of service, and remote code execution [1]. The scope of impact is changed, meaning the compromise can affect resources beyond the vulnerable component.

Mitigation

As of the advisory publication date (November 2020), no firmware update has been released to address CVE-2020-7561 [1]. Users are advised to follow the mitigations recommended in the CISA advisory, such as network segmentation, firewall rules, and restricting access to trusted networks. Contact Schneider Electric for further guidance.