Product
HMI
Part No.
Undisclosed
Make
Schneider Electric
Vulnerability
Reported
Disclosure Timeline
3/Jan/2019 - Vulnerability reported
8/Jan/2019 - Schneider acknowledge & requested for detailed description
9/Jan/2019 - POC submitted to M/s. Schneider
17/Jan/2019 - M/s. Schneider requested for any update
31/Jan/2019 - M/s. Schneider electric responded that their team is working on confirming the vulnerability
04/Feb/2019 - Threat-Mitigation techniques submitted
15/Feb/2019 - M/s. Schneider electric requested for POC with Unity Pro
18/Feb/2019 - POC using Unity pro application submitted
21/Feb/2019 - M/s. Schneider electric requested for compromised version and python scripts
22/Feb/2019 - Version details with python scripts submitted
08/Mar/2019 - C3i Center asks for an update
18/Mar/2019- M/s. Schneider requested for a list of all vulnerabilities
19/Mar/2019 - C3i Center shared a list of vulnerabilities reported yet
20/Mar/2019 - M/s. Schneider thanks to C3i center and agreed to provide update on all the cases by early next week.
21/Mar/2019 - C3i Center acknowledged their mail and awaiting for their valuable response
27/Mar/2019 - M/s. Schneider responded that Attack scenario still under
investigation by security team
Status
Under Investigation
Case number
264781

This site is under Maintenance