Skip to main content

CVE-2024-0568: CWE-287 Improper Authentication in Schneider Electric Harmony Control Relay RMNF22TB30

High
VulnerabilityCVE-2024-0568cvecve-2024-0568cwe-287
Published: Wed Feb 14 2024 (02/14/2024, 16:58:59 UTC)
Source: CVE
Vendor/Project: Schneider Electric
Product: Harmony Control Relay RMNF22TB30

Description

CWE-287: Improper Authentication vulnerability exists that could cause unauthorized tampering of device configuration over NFC communication.

AI-Powered Analysis

AILast updated: 07/05/2025, 06:40:11 UTC

Technical Analysis

CVE-2024-0568 is a high-severity vulnerability identified in the Schneider Electric Harmony Control Relay RMNF22TB30, affecting all versions of this product. The vulnerability is classified under CWE-287, which pertains to improper authentication. Specifically, this flaw allows unauthorized actors to tamper with the device's configuration via its NFC (Near Field Communication) interface. The absence of proper authentication mechanisms means that an attacker within NFC range can modify critical relay settings without any credentials or user interaction. Given that the device is used for control relay functions, unauthorized configuration changes could disrupt industrial or building automation processes. The CVSS v3.1 score of 8.8 reflects the vulnerability's high impact on confidentiality, integrity, and availability, with an attack vector requiring adjacent network access (physical proximity), no privileges required, and no user interaction needed. Although no known exploits are currently reported in the wild, the vulnerability's nature and ease of exploitation make it a significant risk for environments relying on these relays for operational control.

Potential Impact

For European organizations, the impact of this vulnerability could be substantial, especially in sectors such as manufacturing, energy, infrastructure, and building automation where Schneider Electric's Harmony Control Relays are commonly deployed. Unauthorized tampering could lead to operational disruptions, safety hazards, and potential physical damage to equipment. Confidentiality breaches could occur if attackers manipulate device configurations to leak sensitive operational data. Integrity and availability impacts are critical as malicious changes could cause relay misoperations, leading to downtime or unsafe conditions. Given Europe's strong regulatory environment around critical infrastructure and industrial control systems, exploitation of this vulnerability could also result in regulatory penalties and reputational damage. The proximity-based attack vector means that physical security controls are crucial, but insider threats or attackers gaining physical access to facilities could exploit this vulnerability.

Mitigation Recommendations

To mitigate this vulnerability, European organizations should implement the following specific measures: 1) Immediately assess and inventory all deployed Schneider Electric Harmony Control Relay RMNF22TB30 devices to identify exposure. 2) Restrict physical access to devices, especially NFC interfaces, by securing relay enclosures and limiting personnel access. 3) Employ NFC shielding or disable NFC communication if not required operationally. 4) Monitor device configurations for unauthorized changes using network and physical security monitoring tools. 5) Engage with Schneider Electric for firmware updates or patches as they become available, and apply them promptly. 6) Implement compensating controls such as multi-factor authentication for device management interfaces if supported. 7) Train staff to recognize and report suspicious physical access attempts. 8) Incorporate this vulnerability into risk assessments and incident response plans to ensure rapid detection and remediation if exploitation occurs.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
schneider
Date Reserved
2024-01-16T05:38:07.917Z
Cisa Enriched
true
Cvss Version
3.1
State
PUBLISHED

Threat ID: 682d9819c4522896dcbd853e

Added to database: 5/21/2025, 9:08:41 AM

Last enriched: 7/5/2025, 6:40:11 AM

Last updated: 8/12/2025, 4:08:28 PM

Views: 17

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats