Schneider Electric is aware of recently disclosed vulnerabilities in Wind River’s VxWorks TCP/IP Stack. These vulnerabilities have wide-ranging impact across multiple IT and industrial applications. We are working closely with Wind River to understand and assess how these vulnerabilities impact Schneider Electric offers and our customers’ operations.
​
We downloaded Wind River’s patches as soon as they were made available to us, and we have quickly instituted a remediation plan to evolve all current and future products that rely on the Wind River platform to embed these fixes. We will continue to monitor and will respond further if new information becomes available.

In the meantime, customers should immediately make sure they have implemented cybersecurity best practices across their operations to protect themselves from these vulnerabilities. Where appropriate this includes locating your industrial systems and remotely accessible devices behind firewalls; installing physical controls to prevent unauthorized access; and preventing mission-critical systems and devices from being accessed from outside networks.

Please subscribe to the Schneider Electric security notification service to be informed of updates to this disclosure, including details on affected products and remediation plans, as well as other important security notifications:
https://www.schneider-electric.com/en/work/support/cybersecurity/security-notifications.jsp www.schneider-electric.com/en/work/support/cybersecurity/security-notifications.jsp
For additional information and support, please contact your Schneider Electric sales or service representative or Schneider Electric’s Customer Care Center. 

An update for our customers regarding the recently announced Urgent/11 VxWorks vulnerabilities.

We are aware of the vulnerabilities and working to include the patches for these vulnerabilities in our SAGE RTU operating system. We are committed to the security of your equipment and will release a patch as soon as possible. 

​These vulnerabilities are all related to the TCP/IP network stack.  If your RTU is not connected to one of the ethernet ports, which could possibly be accessed from a network, there is no additional risk associated to these devices.  Only network connected devices are affected by these vulnerabilities. Serial connections are not affected.  

These patches will be included in our next firmware release, C3414-500-S02K4, which will include this and other exciting features like RADIUS authentication, and some excellent improvements to our SEL Relay interoperability.  Keep an eye out for the firmware release here.  

​If you have any questions, feel free to contact me.  

See the official announcement for all Schneider Electric products here.
https://www.schneider-electric.com/ww/en/download/document/SESB-2019-214-01

​On July 16th, 2019 the North American Electric Reliability Corporation (NERC) issued a Recommendation to Industry addressing supply chain concerns regarding certain Chinese suppliers.  Use of products and services from these suppliers represents a tangible risk to the Bulk Electric System.
 
NERC has required many of our customers to respond regarding the status of our activities in relation to NERC's recommendation.  This post serves to provide the status of SAGE RTU's regarding these suppliers.

• Huawei Technologies Company
• ZTE Corporation
• Hytera Communications Corporation
• Hangzhou Hikvision Digital Technology Company
• Dahua Technology Company
• DJI (Da-Jiang Innovations)
• Zero Tech
• Yuneec
• Autel

No components in our SAGE RTU's are sourced from any of the companies in the list above or the attached PDF.  This includes our RTU baseboards, I/O Expansion PCB's, the C3414 CPU, and any PC104 Expansion boards.  
​
Please contact us if you have any follow up questions regarding our products.  

All of the posts from this page will show up in your Outlook client, including our Monthly Cybersecurity Updates, Product Announcements, and other News.  

3. (Optional) Add the RSS Feed to your Favorites for quick access. 

The new firmware can be downloaded on the Downloads section of this website.  
​For use with the red C3414 (LX-800) CPU. Will not work with previous CPU hardware versions.  
Enhancements:

• FTP Push Application:  New application which allows SEL History, Event, and Sequential Event Recorder reports to be retrieved from SEL relays and pushed to central repositories for quick analysis.
• Annunciator Panel:  Increased number of points per cell from 16 to 60.  Also increased the number of cells from 30 to 60.
• Data Trap Application:  Data Trap now supports up to 5 simultaneous protocol capture sessions and launched from the Applications Menu block.  
• DNPR Protocol:  Now sets local forced flag in health byte (in variations that send flags) when points are forced on the GUI.

Fixes:

• SEL Protocol: Update to autoconfigure to support new relay models and HIS, EVE, and SER report retrieval.
• Force Data:  Fix analog calculation bug preventing some analog events from being detected.

That’s a good thing. The Secure Firmware includes everything from the legacy firmware with lots of improvements.
Download the Secure Firmware Announcement here.