Treck TCP/IP Vulnerabilities (Ripple20)

Issue:

In early May 2020, Schneider Electric was made aware of vulnerabilities within Treck Inc.’s embedded TCP/IP stack. Based on the data, information, and analysis provided at the time, Schneider Electric immediately assessed how those vulnerabilities affected our offers and issued a security notification alongside Treck’s public disclosure in June 2020, alerting customers to their risks and encouraging them to take immediate steps to mitigate and remediate those risks as quickly as possible.

On October 12, 2020, Schneider Electric was provided additional information and analysis related to how vulnerabilities in the Treck stack impact APC by Schneider Electric Network Management Cards. This new analysis indicates that the information we had previously received was incomplete. Therefore, the remediation previously provided for this offer is only partially effective. Accordingly, we have updated our original security notification and are expediting an updated remediation.

We continue to investigate if other Schneider Electric offers are impacted by the additional information we have received and will provide updates accordingly. In the meantime, customers should immediately ensure they have implemented cybersecurity best practices across their operations to protect themselves from the vulnerabilities within Treck Inc.’s embedded TCP/IP stack. Where appropriate, this includes locating their systems and remotely accessible devices behind firewalls; installing physical controls to prevent unauthorized access; and preventing mission-critical systems and devices from being accessed from outside networks.


To stay up to date on security notifications, please register for Schneider Electric Cybersecurity Notifications here: https://www.se.com/ww/en/work/support/cybersecurity/security-notifications.jsp.

Product Line:
  • UPS Network Management Cards (NMC) (SmartSlot, pre-installed with Smart-UPS, Symmetra, Galaxy 3500, SUVT UPS, 3-phase Smart-UPS & Symmetra UPS)
  • Devices with an embedded Network Management Card include Smart-UPS, Symmetra, Galaxy UPS, Metered/Switched Rack PDUs, Rack Automatic Transfer Switches, Environmental Monitoring Units, Cooling.

A full list of impacted offers can be found here: APC Specific Ripple20 Notification as well as the general Schneider Electric Ripple20 Security Notification

Resolution:

The specific CVEs associated with this issue are listed in the security notification at https://www.se.com/ww/en/download/document/SEVD-2020-174-01/. The issue will be resolved via firmware upgrade; links to the various applications are listed below. This article covers firmware updates for APC Network Management Cards only.

This article identifies the first firmware revisions that included the Treck security updates. For current firmware revisions, please check the Schneider Electric website, or contact your local support team.

For support on performing a firmware upgrade, please visit https://www.apc.com/us/en/faqs/FA156047/.

NOTE: Certain vulnerability scanning software detects the presence of the Treck stack, and the below firmware revisions may still scan as vulnerable although the issue has been fixed. Please contact the vendor of the scanning software to ensure the plugins have been updated to account for Treck fixes.


Available Remediations

Product | Affected Version | Addressed CVEs | Remediation/Mitigation

Uninterruptible Power Supply (UPS)

NMC2 for UPS models including Smart-UPS, 1-Phase Symmetra, and Galaxy 3500 with Network Management Card 2 (NMC2): (SUMX, SY)
  • AP9630/AP9630CH/AP9630J
  • AP9631/AP9631CH/AP9631J
  • AP9635/AP9635CH
NMC2 AOS V6.9.4
and earlier


CVE-2020-11902
CVE-2020-11904
CVE-2020-11905
CVE-2020-11906
CVE-2020-11907
CVE-2020-11909
CVE-2020-11910
CVE-2020-11911
CVE-2020-11912
CVE-2020-11913
CVE-2020-11914
CVE-2020-11896
CVE-2020-11898
CVE-2020-11899
CVE-2020-11901
Version: v6.9.6 & later

SUMX (SmartUPS & Galaxy 3500)

SY (Single Phase Symmetra)


NMC2 for Symmetra PX 48/96/100/160 kW UPS (PX2)
  • AP9630/AP9630CH/AP9630J
  • AP9631/AP9631CH/AP9631J
  • AP9635/AP9635CH


PX2
NMC2 for Symmetra PX 20/40 kW UPS
  • AP9630/AP9630CH/AP9630J
  • AP9631/AP9631CH/AP9631J
  • AP9635/AP9635CH


SY3P
SY3P Release notes

Network Management Card 3 (NMC3)
Smart-UPS SmartSlot card models: (SU)
  • AP9640/AP9640J
  • AP9641/AP9641J
NMC3 AOS V1.3.3.1
and earlier
CVE-2020-11902
CVE-2020-11904
CVE-2020-11905
CVE-2020-11906
CVE-2020-11907
CVE-2020-11909
CVE-2020-11910
CVE-2020-11911
CVE-2020-11912
CVE-2020-11913
CVE-2020-11914
CVE-2020-11896
CVE-2020-11898
CVE-2020-11899
CVE-2020-11901
Version: v1.4 & later

SU (SmartUPS & Galaxy 3500)

SY (Single Phase Symmetra)

Release notes



Uninterruptible Power Supply (UPS) using NMC1 - SUMX
  • AP9617 (discontinued in Nov 2011)
  • AP9619 (discontinued in Sep 2012)
  • AP9618 (discontinued in Jan 2017)
  • Smart-UPS models embedded with NMC1
Smart-UPS NMC1 v3.9.2 and earlier
All CVEs impacting NMC1*

*Full list in the Vulnerability Details section
Patches for the vulnerabilities have been released for the SUMX application running on the NMC1 platform.

Customers are urged to upgrade to applications using NMC2 AOS V3.9.4 or later


APC Power Distribution Products
Network Management Card 2 (NMC2) for InfraStruxure 150 kVA PDU with 84 Poles (X84P)
  • PDPB150G6F

Network Management Card 2 for InfraStruxure 40/60kVA PDU (XPDU)
  • PD40G6FK1-M, PD40F6FK1-M, PD40L6FK1-M, PDRPPNX10 M, PD60G6FK1, PD60F6FK1, PD60L6FK1, PDRPPNX10, PD40E5EK20-M, PD40H5EK20-M

Network Management Card 2 for Modular 150/175kVA PDU (XRDP)
  • PDPM150G6F, PDPM150L6F, PDPM175G6H

Network Management Card 2 for 400 and 500 kVA PMM
  • PMM400-ALA, PMM400-ALAX, PMM400-CUB, PMM500-ALA, PMM500-ALAX, PMM500-CUB

Network Management Card 2 for Modular PDU/RPP (XRDP2G)
  • PDPM72F-5U, PDPM138H-5U, PDPM144F, PDPM138H-R, PDPM277H, PDPM288G6H
NMC2 AOS v6.9.4 and earlier


CVE-2020-11902
CVE-2020-11904
CVE-2020-11905
CVE-2020-11906
CVE-2020-11907
CVE-2020-11909
CVE-2020-11910
CVE-2020-11911
CVE-2020-11912
CVE-2020-11913
CVE-2020-11914
CVE-2020-11896
CVE-2020-11898
CVE-2020-11899
CVE-2020-11901


Version 6.9.6 & later

X84P
X84P Release notes


XPDU
XPDU Release notes


XRDP
XRDP Release notes


XRDP2G
XRDP2G Release notes

PMM
PMM Release notes

APC Rack Power Distribution Units (PDU)

Embedded NMC2:
  • 2G Metered/Switched Rack PDUs with embedded NMC2
  • AP84XX, AP86XX, AP88XX, AP89XX
Embedded NMC1:
  • Metered/Switched Rack PDUs with embedded NMC1 AP78xx, AP79xx
NMC2 AOS v6.9.4 and earlier

*NMC1 AOS v3.9.2 and earlier
CVE-2020-11902
CVE-2020-11904
CVE-2020-11905
CVE-2020-11906
CVE-2020-11907
CVE-2020-11909
CVE-2020-11910
CVE-2020-11911
CVE-2020-11912
CVE-2020-11913
CVE-2020-11914
CVE-2020-11896
CVE-2020-11898
CVE-2020-11899
CVE-2020-11901

*All CVEs impacting NMC1
Full list in the Vulnerability Details section
NMC2 Version: v6.9.6 & later

RPDU2G
Release notes


Patches for the vulnerabilities have been released for applications running on the NMC1 platform.

Customers are urged to upgrade to applications using NMC1 AOS V3.9.4 or later

Rack Automatic Transfer Switches (ATS)

Embedded NMC2:
  • Rack Automatic Transfer Switches - AP44XX (ATS4G)
Embedded NMC1
  • Rack Automatic Transfer Switches - AP77xx
NMC2 AOS V6.9.4 and earlier

NMC1 AOS v3.9.2 and earlier
CVE-2020-11902
CVE-2020-11904
CVE-2020-11905
CVE-2020-11906
CVE-2020-11907
CVE-2020-11909
CVE-2020-11910
CVE-2020-11911
CVE-2020-11912
CVE-2020-11913
CVE-2020-11914
CVE-2020-11896
CVE-2020-11898
CVE-2020-11899
CVE-2020-11901

All CVEs impacting NMC1 and NMC2*

*Full list in the Vulnerability Details section
Patches for the vulnerabilities have been released for applications running on the NMC1 and NMC2 platform.

Customers are urged to upgrade to applications using NMC2 AOS V6.9.6 or later or NMC1 AOS v3.9.4 or later

Note: NMC2 AOS V6.9.2/6.9.4 addressed 14 of the 15 CVEs. AOS V6.9.6 addresses CVE-2020-11901.

ATS4G
ATS4G Release notes

Environmental Monitoring

Environmental Monitoring Unit with embedded NMC2
  • NetBotz NBRK0250
NMC2 AOS V6.9.4 and earlier
CVE-2020-11902
CVE-2020-11904
CVE-2020-11905
CVE-2020-11906
CVE-2020-11907
CVE-2020-11909
CVE-2020-11910
CVE-2020-11911
CVE-2020-11912
CVE-2020-11913
CVE-2020-11914
CVE-2020-11896
CVE-2020-11898
CVE-2020-11899
CVE-2020-11901
Version: v6.9.6 & later

NB250
Release notes

Network Management Card 2 (NMC2) Cooling / Battery Management Products
  • Aquaflair TSA/TRA Chiller Touchscreen Display (UNFLRTSA)
  • Uniflair LE Perimeter Cooling Display for SKUs: TDAV, TUAV, TDWV, TUWV, TDEV, TUEV, TDCV, TUCV, and HDCV  (UNFLRLE)
  • Uniflair LE DX Perimeter Cooling Display for SKUs: IDAV, IDEV, IDWV, IUAV, IUEV, IUWV, IXAV, IXEV, IXWV, LDAV, LDEV, and LDWV (LEDX2G)
  • Uniflair LEL Perimeter Cooling Touchscreen Display for LDCV, and LUCV (UNFLRLEL)
  • InRow Cooling for series ACRP5xx, ACRP1xx, ACRD5xx, and ACRC5xx SKUs (ACRP2G)
  • InRow Cooling for series ACRC10x SKUs (RC10X2G)
  • InRow Cooling for series ACRD6xx and ACRC6xx SKUs  (ACRD2G)
  • InRow Cooling Display for series ACRD3xx (ACRC2G)
  • InRow Cooling Display for series ACRC3xx (RD3XX)
  • InRow Cooling for series ACSC1xx SKUs (SC2G)
  • InRow Cooling for series ACRD1xx and ACRD2xx (ACRPTK2G)
  • Ecoflair IAEC25/50 Air Economizer Display (EB2G)
  • Uniflair DSA Trim Chiller Display (TRMCHLR)
  • Uniflair SP , UCF0481I, UCF0341I (UNFLRSP)
  • Uniflair AM Perimeter Cooling Display  SKUs: SDCC, SDCV, SDAC, ADAV, SDWC, SDWV, SUAC, SUAV, SUWC, SUWV (AMICO)
  • AP9922 Battery Management System (BM4)
NMC2 AOS V6.8.8 and earlier
CVE-2020-11902
CVE-2020-11904
CVE-2020-11905
CVE-2020-11906
CVE-2020-11907
CVE-2020-11909
CVE-2020-11910
CVE-2020-11911
CVE-2020-11912
CVE-2020-11913
CVE-2020-11914
CVE-2020-11896
CVE-2020-11898
CVE-2020-11899

Please contact your local support team

NMC2 AOS v6.9.4 and earlier
CVE-2020-11901
Available for the following applications from your local support team:
  • UNFLRLE
  • ACRC2G
  • ACRD1xx/2xx
  • ACSC10x
  • RD/RC60x
  • RP10x/50x/RC50x/RD50x
  • Uniflair SP
  • RD3xx
  • RB2G
  • AMICO
  • Trim Chiller
For all other applications, please contact your local support team.

Cooling Products

Embedded NMC1
  • Rack Air Removal Unit SX (RARU)
NMC1 AOS V3.9.2 and earlier
All CVEs impacting NMC1*

*Full list in the Vulnerability Details section
Patches for the vulnerabilities have been released for RARU NMC1 application

Customers are urged to upgrade to applications using NMC1 AOS V3.9.4 or later


Please revisit this page for future firmware updates relevant for your respective Schneider Electric products.
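Because scanners that fingerprint the Treck stack may still flag fixed firmware, comparing each card's reported AOS revision against the first fixed revisions in the table above is a more reliable triage. The following is an added example, not Schneider Electric code; the inventory entries are constructed, and it assumes the note about NMC2 AOS 6.9.2/6.9.4 applies to every NMC2 application.

```python
import re

# First AOS revisions with the Treck fixes, taken from the table on this page.
FIRST_FIXED = {"NMC1": (3, 9, 4), "NMC2": (6, 9, 6), "NMC3": (1, 4)}
# The page's note: NMC2 AOS 6.9.2/6.9.4 addressed 14 of 15 CVEs (not CVE-2020-11901).
NMC2_PARTIAL = {(6, 9, 2), (6, 9, 4)}

def parse_aos(text):
    """Parse 'v6.9.4', 'V1.3.3.1' or '6.10.0' into a tuple of ints."""
    m = re.fullmatch(r"\s*[vV]?(\d+(?:\.\d+)*)\s*", text)
    if not m:
        raise ValueError(f"unrecognised AOS version: {text!r}")
    parts = [int(p) for p in m.group(1).split(".")]
    while parts and parts[-1] == 0:   # 1.4.0 and 1.4 are the same release
        parts.pop()
    return tuple(parts)

def triage(platform, aos):
    """Return 'fixed', 'partial' or 'affected' for one card."""
    platform = platform.upper()
    if platform not in FIRST_FIXED:
        raise ValueError(f"unknown platform: {platform!r}")
    version = parse_aos(aos)
    # Tuples compare numerically, so 6.10.0 > 6.9.6 (a string compare gets this wrong).
    if version >= FIRST_FIXED[platform]:
        return "fixed"
    if platform == "NMC2" and version in NMC2_PARTIAL:
        return "partial"
    return "affected"

def needs_upgrade(inventory):
    """Return (host, status) for every card below the first fixed revision."""
    return [(host, status) for host, platform, aos in inventory
            if (status := triage(platform, aos)) != "fixed"]

# Constructed inventory: hostnames and versions are made up for the example.
INVENTORY = [
    ("ups-dc1-01", "NMC2", "v6.9.4"),
    ("ups-dc1-02", "NMC2", "v6.10.0"),
    ("ups-dc2-01", "NMC3", "V1.3.3.1"),
    ("ups-dc2-02", "NMC3", "v1.4"),
    ("pdu-lab-07", "NMC1", "v3.9.2"),
]

if __name__ == "__main__":
    for host, status in needs_upgrade(INVENTORY):
        print(f"{host}: {status}, upgrade required")
```

A "partial" result still requires an upgrade; it only indicates that CVE-2020-11901 is the remaining exposure on that card.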
