Schneider Electric PM8000 Meter Vulnerability Warning

Are you aware of the cybersecurity vulnerabilities affecting Schneider Electric's PM8000 series meters? These advanced devices, crucial for your electrical distribution system, have a software flaw that could allow hackers to take control and execute malicious code. In our latest article, we delve into the implications of this vulnerability and share best practices for firmware updates to safeguard your systems. Discover how APT can assist you in identifying and resolving these risks effectively. Don’t wait until it’s too late—empower yourself with the knowledge to protect your infrastructure. Read on to learn more!

Monday April 10th, 2020 – As part of our focused service, APT helps customers resolve electrical meter cybersecurity vulnerabilities. Recently, Schneider Electric revealed specific vulnerabilities with their PM8000 series meters. So, what does this mean?

Unfortunately, these advanced meters are manufactured with a chipset software flaw in Wind River’s VxWorks TCP/IP stack, and an exploit targets the resulting URGENT/11 vulnerabilities. As a result, hackers can take over a meter on your network to run their malicious code. This has the potential for a wide-ranging impact across multiple IT and industrial applications.

Firmware Updates Best Practices

APT tested processes for upgrading the firmware on these PM8000 meters.

Here’s what we found…

  • Firstly, you want to physically connect directly to EACH meter’s communication port.
  • Secondly, ensure your team updates ALL the device firmware packages.
  • Finally, understand that it takes TIME: the update takes 2-4 hours per meter (depending on the connection and physical access).

What’s the Fix?

APT can help you identify your list of vulnerable meters and provide simple options for resolution:

  1. Upgrade one or a few meters per service visit and resolve this over a defined schedule.
  2. Train (as part of our service) one of the customer’s available technical resources to perform the firmware upgrades themselves.
  3. Handle all the meter firmware upgrades as part of an additional service.

If you have any PM8000 meters and are interested in hardening your electrical distribution system against these threats, contact APT and we’ll get started right away.

Andy Taylor, APT Chief Executive Officer
