Advisory (ICSA-16-070-01)

Version 2

    Schneider Electric has become aware of a vulnerability in the SAGE RTUs related to improper Ethernet frame padding.

    Schneider Electric Telvent RTU Improper Ethernet Frame Padding Vulnerability | ICS-CERT

     

    The padding within the data field of the Ethernet packet should be all zeros. The firmware allowed other data from a known area of memory to be used in this field, so the padding could exfiltrate or leak data.

     

    The vulnerability has been fixed in the C3414-500-S02J2 firmware (released in March 2015) and is fixed in all subsequent C3414 firmware releases (K0 and beyond).
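
A check a defender could run over captured frames to confirm that the padding described above is all zeros. This is an added example, not part of the advisory or Schneider Electric's code. It assumes untagged ARP or IPv4 frames captured without the FCS; the function names and sample frames are constructed for illustration.

```python
import struct

ETH_HDR = 14   # dst MAC + src MAC + EtherType (assumes no VLAN tag)
ETH_MIN = 60   # minimum frame length, FCS excluded (assumed stripped by capture)

def padding_of(frame: bytes) -> bytes:
    """Return the bytes that follow the real payload of an Ethernet frame."""
    if len(frame) < ETH_HDR:
        raise ValueError("truncated Ethernet header")
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype == 0x0800:            # IPv4: Total Length field gives the payload size
        if len(frame) < ETH_HDR + 20:
            raise ValueError("truncated IPv4 header")
        payload_len = struct.unpack("!H", frame[16:18])[0]
    elif ethertype == 0x0806:          # ARP for Ethernet/IPv4 is always 28 bytes
        payload_len = 28
    else:
        raise ValueError("unsupported EtherType 0x%04x" % ethertype)
    end = ETH_HDR + payload_len
    if end > len(frame):
        raise ValueError("declared payload exceeds captured frame")
    return frame[end:]

def leaks_in_padding(frame: bytes) -> bool:
    """True when any padding byte is non-zero."""
    return any(padding_of(frame))

def sample_arp_frame(pad: bytes) -> bytes:
    """Constructed ARP request (documentation addresses) followed by `pad`."""
    mac = bytes.fromhex("020000000001")
    eth = b"\xff" * 6 + mac + b"\x08\x06"
    arp = (struct.pack("!HHBBH", 1, 0x0800, 6, 4, 1) + mac + bytes([192, 0, 2, 10])
           + bytes(6) + bytes([192, 0, 2, 1]))
    return eth + arp + pad

if __name__ == "__main__":
    zero_padded = sample_arp_frame(bytes(ETH_MIN - 42))
    leaky = sample_arp_frame(b"\x00" * 10 + b"SAMPLE!!")   # constructed residue
    for name, frame in (("zero_padded", zero_padded), ("leaky", leaky)):
        print(name, len(frame), "non-zero padding:", leaks_in_padding(frame))
```

Frames from a capture that retains the 4-byte FCS, or that carry an 802.1Q tag, need those bytes stripped first or the check will report false positives.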