Technical FAQs

Ask a Question

Is StruxureWare DCE or NetBotz susceptible to the WannaCry vulnerability?

Issue:

Is StruxureWare DCE or NetBotz suceptable to the WannaCry vulnerability?

Product Line:

StruxureWare Data Center Expert (DCE)
AP9465, AP9470, AP9475, AP94VMTRL

StruxureWare Data Center Operation (DCO)

NetBotz
NBWL0500, NBWL0420, NBWL0320, NBWL0355, NBWL0455, NBRK0450, NBRK0550, NBRK0570

APC Network Management Cards (NMC)
·                          Network Management Card 1 - AP9617, AP9618, AP9619
Devices with an embedded Network Management Card 1 include (but are not limited to): Metered/Switched Rack PDUs (AP78XX, AP79XX), Rack Automatic Transfer Switches (AP77XX, Environmental Monitoring Units (AP9320, AP9340, Netbotz 200, NetBotz 250)
·                          Network Management Card 2 - AP9630/AP9630CH, AP9631/AP9631CH, AP9635/35CH
Devices with an embedded Network Management Card 2 include (but are not limited to): 2G Metered/Switched Rack PDUs (AP84XX, AP86XX, AP88XX, AP89XX), Certain Audio/Video Network Management Enabled products.



Environment:

Any version DCO, DCE, NetBotz appliance, or NMC

Cause:

CVE-2017-0144, also known as WannaCry, is a high level vulnerability that many customers have contacted Schneider Electric about to find out if StruxureWare DCE or NetBotz are vulnerable.

Resolution:

WannaCry allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability."

As per the link below, this effects:
Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607
https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0144

Neither DCE, DCO, NetBotz, or the APC NMC run any version of Windows operating system and as such are not vulnerable to this attack.
More information on these platforms can be found on http://DCIMsupport.apc.com
Was this helpful?
What can we do to improve the information ?