New Vulnerabilities in Power Monitoring Expert
Schneider Electric, the producer of Power Monitoring Expert (PME), recently released a notification that several of their applications commonly experience multiple vulnerabilities. Schneider has identified Power Monitoring Expert versions 7.x – 9.0 as those affected. Consequently, these vulnerabilities could allow for arbitrary code execution.
In other words, they can access any executable code they wish to on your PME server. Subsequently, these vulnerabilities may qualify for the execution of malicious code, which could infect other systems.
APT’s Assessment
At APT take this vulnerability quite seriously. We rate the severity level as High. Therefore, we recommend that our customers update the latest version of Power Monitoring Expert (Version 2020) to mitigate any potential threat. Failure to do so may result in an intrusion into your PME system and the attached network.
New vulnerabilities are discovered regularly. APT works diligently to track these vulnerabilities and help customers keep their systems and control networks safe. Subsequently, we recommend keeping your operating systems, database services, and other applications up to date.
Further, with smart devices becoming more and more capable, these devices are themselves becoming more vulnerable to attack. These devices often run their operating system and can host malicious software that can further infect your networks.
Looking for a PME Upgrade?
APT has a solution. Applied Power Technologies team of EcoXperts have extensive experience in installing, configuring, securing, and maintaining all of your critical power infrastructures. We work as an integral part of your team to define your system requirements and build a comprehensive monitoring solution that will provide trouble-free service.
Contact us to request a quote for your Power Monitoring Expert Upgrade today!
Rick Deming, APT Senior Systems Engineer