Electrical utility enterprises are increasingly vulnerable. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical advisory regarding multiple vulnerabilities affecting Schneider Electric’s Easergy medium voltage protection relays.
According to CISA, successful exploitation of these vulnerabilities could lead to serious consequences, including:
- Exposure of device credentials
- Denial-of-service conditions
- Unexpected device reboots
- Full attacker control over the relay
Thus, such scenarios could compromise the electrical network’s protection and integrity.
Key Vulnerabilities in Easergy Relays
Two high-severity flaws were identified in the Easergy relays:
- Hardcoded Credentials: These credentials could be exploited to monitor and manipulate device traffic.
- Buffer Overflow: This flaw might cause program crashes and allow arbitrary code execution.
These vulnerabilities were discovered and reported by security researchers Timothée Chauvin, Paul Noalhyt, and Yuanshe Wu from Red Balloon Security and Schneider Electric has since addressed the issues.
Critical Vulnerabilities Across other electrical Utility enterprises
This advisory comes on the heels of another CISA warning about critical vulnerabilities in Schneider Electric’s Interactive Graphical SCADA System. If exploited, those flaws could lead to data exposure and loss of control over SCADA operations.
CISA has also flagged security risks in General Electric’s Proficy CIMPLICITY SCADA software, highlighting two vulnerabilities that could be leveraged for sensitive data exposure, code execution, and privilege escalation.
Threats to Industrial Control Systems (ICS)
Adding to these concerns, cybersecurity firm Dragos recently revealed malicious activity by three new threat groups—Kostovite, Erythrite, and Petrovite. These actors have targeted operational technology (OT) environments within renewable energy, electrical utilities, and mining sectors across Canada, Kazakhstan, and the U.S.
These developments underscore the growing risks to critical infrastructure and the urgent need for robust cybersecurity measures to protect industrial control systems.
How to Protect Yourself
Electrical utility enterprises are increasingly vulnerable. However, there is light at the end of the tunnel. The best offense is a good defense. Having a proactive and forward-thinking cyber security team is key to staying ahead of the curve of hackers, being abreast to new tools to defend yourself, and safeguarding your entire organization. Looking for ways to stay ahead of the curve as we head in 2025? Velox Systems has specific tools and systems for electrical utility enterprises. Unsure of where to start or what you can do to bolster defenses? Let’s chat today.