PatchSiren cyber security CVE debrief
CVE-2025-1060 Schneider Electric CVE debrief
CVE-2025-1060 is a high-severity information exposure issue affecting Schneider Electric ASCO 5310 Single-Channel Remote Annunciator and ASCO 5350 Eight Channel Remote Annunciator devices. The advisory states that sensitive data could be exposed if an attacker sniffs network traffic. Schneider Electric’s guidance focuses on reducing exposure until a remediation plan is available for future versions. From a defensive standpoint, the main concern is any deployment where these annunciators are reachable over less-trusted networks or where HTTP traffic on port 80 can be observed. The published mitigations emphasize protected network placement, removing default credentials, and restricting access with segmentation and firewall controls.
- Vendor: Schneider Electric
- Product: ASCO 5310 Single-Channel Remote Annunciator
- CVSS: HIGH 7.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-02-11
- Original CVE updated: 2025-02-11
- Advisory published: 2025-02-11
- Advisory updated: 2025-02-11
Who should care
OT/ICS operators, plant engineers, network/security teams, and asset owners responsible for Schneider Electric ASCO 5310 or ASCO 5350 remote annunciators—especially if the devices are reachable from untrusted networks or rely on HTTP/port 80.
Technical summary
The advisory identifies a CWE-319 cleartext transmission issue in Schneider Electric ASCO 5310 and ASCO 5350 remote annunciators. The vendor states that network traffic sniffing could expose data, and the remediation section specifically calls out blocking unauthorized access to the annunciator’s port 80/HTTP service. A vendor remediation plan is noted for future versions, but no fixed version is provided in the supplied corpus.
Defensive priority
High — prioritize if the devices are deployed on shared, routable, or otherwise observable networks, or if port 80/HTTP access cannot be tightly controlled.
Recommended defensive actions
- Place the remote annunciators in a protected network environment and keep them off the public internet and untrusted networks.
- Change any default passwords to reduce the risk of unauthorized access to device settings and information.
- Use network segmentation and firewall rules to block unauthorized access to the annunciator’s port 80/HTTP service.
- Review the Schneider Electric installation manuals and the vendor security notification page for deployment-specific guidance and updates.
- Subscribe to Schneider Electric security notifications so remediation updates can be tracked when they are published.
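One way to check that the port 80 restriction above is holding, as an added example that is not from the advisory or the vendor: audit firewall flow logs for accepted TCP/80 connections to the annunciators from sources outside an approved list. The device addresses, the management subnet and the `src dst proto dport action` log format are constructed assumptions.

```python
import ipaddress

# Assumptions (not from the advisory): device addresses, the allowed subnet,
# and the flow-log line format are constructed for illustration.
ANNUNCIATORS = {ipaddress.ip_address("10.20.30.11"),
                ipaddress.ip_address("10.20.30.12")}
ALLOWED_SOURCES = [ipaddress.ip_network("10.20.40.0/28")]  # hypothetical engineering hosts

# Constructed sample log: src dst proto dport action
SAMPLE_FLOWS = """\
10.20.40.5 10.20.30.11 tcp 80 ACCEPT
10.50.7.23 10.20.30.11 tcp 80 ACCEPT
10.50.7.23 10.20.30.12 tcp 80 DROP
10.20.40.9 10.20.30.12 tcp 443 ACCEPT
192.0.2.44 10.20.30.12 tcp 80 ACCEPT
bad line
"""

def audit_http_exposure(flow_text):
    """Return (violations, skipped).

    violations: accepted TCP/80 flows to an annunciator from a source that is
    not in ALLOWED_SOURCES, as (line_number, src, dst).
    skipped: line numbers that could not be parsed, so gaps are visible.
    """
    violations, skipped = [], []
    for lineno, line in enumerate(flow_text.splitlines(), 1):
        fields = line.split()
        try:
            src = ipaddress.ip_address(fields[0])
            dst = ipaddress.ip_address(fields[1])
            proto, dport, action = fields[2].lower(), int(fields[3]), fields[4].upper()
        except (IndexError, ValueError):
            skipped.append(lineno)
            continue
        if dst not in ANNUNCIATORS or proto != "tcp" or dport != 80:
            continue  # not the annunciator HTTP service
        if action != "ACCEPT":
            continue  # the firewall already blocked this attempt
        if not any(src in net for net in ALLOWED_SOURCES):
            violations.append((lineno, str(src), str(dst)))
    return violations, skipped

if __name__ == "__main__":
    found, unparsed = audit_http_exposure(SAMPLE_FLOWS)
    for lineno, src, dst in found:
        print(f"line {lineno}: unauthorized HTTP to annunciator {dst} from {src}")
    print(f"unparsed lines: {unparsed}")
```

Flows from allowlisted sources are still cleartext HTTP, so the allowlist should contain only hosts that sit on a protected segment.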
Evidence notes
The supplied CISA CSAF advisory and Schneider Electric notice both describe a CWE-319 cleartext transmission issue that can expose data when network traffic is sniffed. The advisory lists ASCO 5310 and ASCO 5350 as affected products and says the vendor is establishing a remediation plan for future versions. Until then, the documented mitigations are network protection, password changes, and blocking unauthorized HTTP access on port 80. The provided corpus does not list this CVE as KEV.
Official resources
- CVE-2025-1060 CVE record (CVE.org)
- CVE-2025-1060 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
Publicly disclosed on 2025-02-11 through the CISA CSAF advisory and Schneider Electric security notice in the supplied corpus.