CVE-2024-0568: CWE-287 Improper Authentication in Schneider Electric Harmony Control Relay RMNF22TB30
CWE-287: Improper Authentication vulnerability exists that could cause unauthorized tampering of device configuration over NFC communication.
AI Analysis
Technical Summary
CVE-2024-0568 is a high-severity vulnerability identified in the Schneider Electric Harmony Control Relay RMNF22TB30, affecting all versions of this product. The vulnerability is classified under CWE-287, which pertains to improper authentication. Specifically, this flaw allows unauthorized actors to tamper with the device's configuration via its NFC (Near Field Communication) interface. The absence of proper authentication mechanisms means that an attacker within NFC range can modify critical relay settings without any credentials or user interaction. Given that the device is used for control relay functions, unauthorized configuration changes could disrupt industrial or building automation processes. The CVSS v3.1 score of 8.8 reflects the vulnerability's high impact on confidentiality, integrity, and availability, with an attack vector requiring adjacent network access (physical proximity), no privileges required, and no user interaction needed. Although no known exploits are currently reported in the wild, the vulnerability's nature and ease of exploitation make it a significant risk for environments relying on these relays for operational control.
Potential Impact
For European organizations, the impact of this vulnerability could be substantial, especially in sectors such as manufacturing, energy, infrastructure, and building automation where Schneider Electric's Harmony Control Relays are commonly deployed. Unauthorized tampering could lead to operational disruptions, safety hazards, and potential physical damage to equipment. Confidentiality breaches could occur if attackers manipulate device configurations to leak sensitive operational data. Integrity and availability impacts are critical as malicious changes could cause relay misoperations, leading to downtime or unsafe conditions. Given Europe's strong regulatory environment around critical infrastructure and industrial control systems, exploitation of this vulnerability could also result in regulatory penalties and reputational damage. The proximity-based attack vector means that physical security controls are crucial, but insider threats or attackers gaining physical access to facilities could exploit this vulnerability.
Mitigation Recommendations
To mitigate this vulnerability, European organizations should implement the following specific measures:
1) Immediately assess and inventory all deployed Schneider Electric Harmony Control Relay RMNF22TB30 devices to identify exposure.
2) Restrict physical access to devices, especially NFC interfaces, by securing relay enclosures and limiting personnel access.
3) Employ NFC shielding or disable NFC communication if not required operationally.
4) Monitor device configurations for unauthorized changes using network and physical security monitoring tools.
5) Engage with Schneider Electric for firmware updates or patches as they become available, and apply them promptly.
6) Implement compensating controls such as multi-factor authentication for device management interfaces if supported.
7) Train staff to recognize and report suspicious physical access attempts.
8) Incorporate this vulnerability into risk assessments and incident response plans to ensure rapid detection and remediation if exploitation occurs.
Affected Countries
Germany, France, Italy, United Kingdom, Netherlands, Belgium, Spain, Poland, Sweden, Finland
Technical Details
- Data Version: 5.1
- Assigner Short Name: schneider
- Date Reserved: 2024-01-16T05:38:07.917Z
- CISA Enriched: true
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 682d9819c4522896dcbd853e
Added to database: 5/21/2025, 9:08:41 AM
Last enriched: 7/5/2025, 6:40:11 AM
Last updated: 8/12/2025, 4:08:28 PM