Thanks to the researcher Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam) working with Trend Micro Zero Day Initiative the IGSS team has become aware of 1 security issue in IGSS V16 relating to the IGSS Update Service in IGSS V16.0.0.23211 and prior versions.
A security update has been released to fix the issue in IGSS version 16.
Make sure to update the IGSS software either by downloading the latest version or by running IGSS Update from the IGSS Master module or install the latest update from our download section.
If you choose not to use the update provided, then please apply the following mitigations to reduce the risk of an exploit:
- Make sure to disable the IGSS Update Service as an Administrator, and only enable it while installing new updates.
- Read the Security Guideline for IGSS on securing an IGSS SCADA-installation.
- Follow the general security recommendations provided in the security notification and verify that devices are isolated on a private network and that firewalls are configured with strict boundaries for devices that require remote access.
More details can be found in the first security notification that has been released on Schneider Electric Global – Cybersecurity Notifications.