Skip to main content
Cybersecurity

Schneider Electric Uni-Telway Interface Driver

Schneider Electric Uni-Telway Interface Driver

1. EXECUTIVE SUMMARY

  • CVSS v4 6.8
  • ATTENTION: Low attack complexity
  • Vendor: Schneider Electric
  • Equipment: Uni-Telway Driver
  • Vulnerability: Improper Input Validation

2. RISK EVALUATION

The Schneider Electric Uni-Telway Driver has been identified with a vulnerability that, if successfully exploited, could lead to a denial of service (DoS) condition. This risk is particularly concerning for organizations relying on this driver for their operational technology (OT) environments, as it could disrupt critical processes and services.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

Schneider Electric has confirmed that the following products are affected by the vulnerability:

  • Schneider Electric Uni-Telway Driver: All versions
  • Uni-Telway Driver installed on Control Expert: All versions
  • Uni-Telway Driver installed on Process Expert: All versions
  • Uni-Telway Driver installed on Process Expert for AVEVA System Platform: All versions
  • Uni-Telway Driver installed on OPC Factory Server: All versions

3.2 VULNERABILITY OVERVIEW

3.2.1 IMPROPER INPUT VALIDATION CWE-20

The vulnerability in the Schneider Electric Uni-Telway Driver is categorized as improper input validation (CWE-20). This flaw allows an authenticated user to invoke a specific driver interface with crafted input, potentially leading to a denial-of-service condition on engineering workstations. The vulnerability has been assigned the identifier CVE-2024-10083, with a CVSS v3 base score of 5.5 and a CVSS v4 base score of 6.8.

The CVSS vector strings for these scores are as follows:

3.3 BACKGROUND

  • CRITICAL INFRASTRUCTURE SECTORS: The affected products are utilized across various critical infrastructure sectors, including Commercial Facilities, Critical Manufacturing, and Energy.
  • COUNTRIES/AREAS DEPLOYED: The Uni-Telway Driver is deployed worldwide, making the impact of this vulnerability potentially global.
  • COMPANY HEADQUARTERS LOCATION: Schneider Electric is headquartered in France.

3.4 RESEARCHER

The vulnerability was reported by a team of researchers including Sangjun Park, Jongseoung Kim, Byunghyun Kang, Yunjin Park, Albert Einstein, Kwon Yul, and Seungchan Kim from today-0day.

4. MITIGATIONS

To mitigate the risks associated with the Uni-Telway Driver vulnerability, Schneider Electric has recommended several specific workarounds:

  • Application Control: Utilize McAfee Application and Change Control software for application control. Detailed guidance can be found in the Cybersecurity Application Note available here.
  • Cybersecurity Best Practices: Adhere to workstation, network, and site-hardening guidelines as outlined in Schneider Electric’s Recommended Cybersecurity Best Practices document. For users who do not require the Uni-Telway Driver, it is advised to uninstall the driver. Notably, version 16.1 of EcoStruxure Control Expert does not include the Uni-Telway Driver by default.
  • Security Notifications: Users are encouraged to subscribe to Schneider Electric’s security notification service to stay informed about updates, affected products, and remediation plans. More information can be found here.

For further details, users can refer to Schneider Electric’s CPCERT security advisory SEVD-2025-042-02, which is available in both PDF and CSAF formats:

The Cybersecurity and Infrastructure Security Agency (CISA) also recommends several defensive measures to minimize the risk of exploitation:

  • Network Exposure: Minimize network exposure for all control system devices and systems, ensuring they are not accessible from the Internet.
  • Network Isolation: Place control system networks and remote devices behind firewalls and isolate them from business networks.