• Integrated Circuits IGBTs MOSFETs Discrete Semiconductors RF and Microwave Passives Motors & Actuators Microphones & Speakers Connectors Electronic Materials Thermal Management LCD&LED Displays Automation & Control Power & Batteries Test & Measurement Mechanical and Metal Parts Tools

Schneider Electric Security Bulletin-Legacy Triconex™Product Vulnerabilities

2022-04-20
CVE-2020-7483,CVE-2020-7434,CVE-2020-7485,CVE-2020-7486
●Overview
■Before being acquired by Schneider Electric, the then-Invensys Triconex brand team discovered and remediated multiple vulnerabilities affecting legacy versions of the company's Triconex brand safety instrumented system offer, following company processes and procedures in place at that time. The vulnerabilities affected:
▲TriStation™ 1131 v1.0 to v4.9.0, and v4.10.0 to 4.12.0 operating on Windows®NT, Windows XP or Windows 7
▲Tricon™ Communication Module (TCM) Models 4351, 4352, 4351A/B and 4352A/B installed in Tricon v10.0 to v10.5.3 systems
■Customers were then notified of updated product availability via direct-to-customer notification. See the table in the "Available Remediations"section below for links to the release notifications (registration required).
■In 2019, an independent researcher notified Schneider Electric of these same vulnerabilities. As part of its strong commitment to being as open, transparent and collaborative as possible to help its customers and global industry prevent and respond to potential cybersecurity threats and vulnerabilities, Schneider Electric, in collaboration with MITRE CVEand the independent researcher,has issued CVE®(Common Vulnerabilities and Exposures) Entries for these previously identified and fixed product vulnerabilities.
■Users of current and more recent versions of the identified firmware and software offers are not exposed to these specific vulnerabilities. Schneider Electric continues to urge customers always to implement and adhere to the instructions provided in the "Security Considerations"sections of customers'Triconex documentation (Planning and Installation Guidesand TriStation 1131 Developer's Guide) and Triconex System Security Reference Guide. The company also strongly recommends upgrading to the latest versions of Microsoft®Operating Systems, including updating to the newest Windows platforms that host Triconex software.
■If interested, see below for more information about these vulnerabilities.

SCHNEIDER

CVE-2020-7483CVE-2020-7434CVE-2020-7485CVE-2020-7486CVE-2020-7491

More

Part#

More

More

Supplier and Product Introduction

More

More

Please see the document for details

More

More

English Chinese Chinese and English Japanese

23 June 2020

V2.1

SESB-2020-105-01

198 KB

Data section preview(2pages)
- The full preview is over. If you want to read the whole 5 page document,please Sign in/Register -
Download
  • +1 Like
  • Add to Favorites

Recommend

All reproduced articles on this site are for the purpose of conveying more information and clearly indicate the source. If media or individuals who do not want to be reproduced can contact us, which will be deleted.

Integrated Circuits

Discrete Components

Connectors & Structural Components

Assembly UnitModules & Accessories

Power Supplies & Power Modules

Electronic Materials

Instrumentation & Test Kit

Electrical Tools & Materials

Mechatronics

Processing & Customization

Contact Us

Email: