Intrusion Prevention

Schneider.Electric.net55xx.Encoder.Privilege.Escalation

Description

This indicates an attack attempt to exploit an Elevation of Privilege vulnerability in Schneider Electric NET55XX Encoder.
The vulnerability is due to an error when the vulnerable software handles a maliciously crafted HTTP requst. A remote attacker may be able to exploit this to escalate their privileges on vulnerable systems.

Affected Products

Schneider Electric series NET55XX Encoder with firmware pior to version 2.1.9.7

Impact

Privilege Escalation: Remote attackers can leverage their privileges on vulnerable systems.
System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://www.schneider-electric.com/en/download/document/SEVD-2019-134-01/

CVE References

CVE-2019-6814