Skip to main content
Security Advisory

Schneider Electric’s GP Pro Ex

Restrict access to UDP/27127 and TCP/502 on all Schneider Modicon PLCs, and ensure that SoMachine Basic workstations prevent remote access to TCP/27699, and TCP/27700+ (sequential ports dependent upon the number of serial ports that the workstation has available).

Risk Information

affected product:

GP-Pro EX: v4.09.250 and prior

Possible Threat

CVE ID

CVE-2021-22775

ID

CVE-2021-22775

Source

Dragos

Skill Level

N/A

CVSSV3 BASE / TEMPORAL SCORE

N/A

CVSSV3 vector

N/A

Affecting

  • GP-Pro EX: v4.09.250 and prior
  • Vulnerability Type

    Uncontrolled Search Path Element

    Disclosure Timeline

    08/10/2021 - Dragos discloses issue