Reposting in case the original post didn't show up in some of your Security Updates Feeds. Forgot to tag it with the Security Updates category the first time. The SAGE Team is proud to announce the release of our latest firmware release for the SAGE RTU product family. There are many important security enhancements and exciting features included in this release. See below for more details. The C3414-500-S02K4 firmware can be downloaded from our Downloads -> Firmware Tab or by clicking here. Firmware Highlights
![]()
0 Comments
Update: The SAGE Team is proud to announce the release of our latest firmware release for the SAGE RTU product family. There are many important security enhancements, including this VxWorks Urgent/11 fix, and exciting features included in this release. For more details about the release, see our post here. Schneider Electric is aware of recently disclosed vulnerabilities in Wind River’s VxWorks TCP/IP Stack. These vulnerabilities have wide-ranging impact across multiple IT and industrial applications. We are working closely with Wind River to understand and assess how these vulnerabilities impact Schneider Electric offers and our customers’ operations. We downloaded Wind River’s patches as soon as they were made available to us, and we have quickly instituted a remediation plan to evolve all current and future products that rely on the Wind River platform to embed these fixes. We will continue to monitor and will respond further if new information becomes available. In the meantime, customers should immediately make sure they have implemented cybersecurity best practices across their operations to protect themselves from these vulnerabilities. Where appropriate this includes locating your industrial systems and remotely accessible devices behind firewalls; installing physical controls to prevent unauthorized access; and preventing mission-critical systems and devices from being accessed from outside networks. Please subscribe to the Schneider Electric security notification service to be informed of updates to this disclosure, including details on affected products and remediation plans, as well as other important security notifications: https://www.schneider-electric.com/en/work/support/cybersecurity/security-notifications.jsp www.schneider-electric.com/en/work/support/cybersecurity/security-notifications.jsp For additional information and support, please contact your Schneider Electric sales or service representative or Schneider Electric’s Customer Care Center. An update for our customers regarding the recently announced Urgent/11 VxWorks vulnerabilities. We are aware of the vulnerabilities and working to include the patches for these vulnerabilities in our SAGE RTU operating system. We are committed to the security of your equipment and will release a patch as soon as possible. These vulnerabilities are all related to the TCP/IP network stack. If your RTU is not connected to one of the ethernet ports, which could possibly be accessed from a network, there is no additional risk associated to these devices. Only network connected devices are affected by these vulnerabilities. Serial connections are not affected. These patches will be included in our next firmware release, C3414-500-S02K4, which will include this and other exciting features like RADIUS authentication, and some excellent improvements to our SEL Relay interoperability. Keep an eye out for the firmware release here. If you have any questions, feel free to contact me. See the official announcement for all Schneider Electric products here. https://www.schneider-electric.com/ww/en/download/document/SESB-2019-214-01 ![]()
The SAGE Team is proud to announce the release of our latest firmware release for the SAGE RTU product family. There are many important security enhancements and exciting features included in this release. See below for more details. The C3414-500-S02K4 firmware can be downloaded from our Downloads -> Firmware Tab or by clicking here. Firmware Highlights
![]()
SAGE Monthly Security / Firmware Update Notice
SAGE Monthly Security / Firmware Update Notice
On July 16th, 2019 the North American Electric Reliability Corporation (NERC) issued a Recommendation to Industry addressing supply chain concerns regarding certain Chinese suppliers. Use of products and services from these suppliers represents a tangible risk to the Bulk Electric System.
NERC has required many of our customers to respond regarding the status of our activities in relation to NERC's recommendation. This post serves to provide the status of SAGE RTU's regarding these suppliers.
No components in our SAGE RTU's are sourced from any of the companies in the list above or the attached PDF. This includes our RTU baseboards, I/O Expansion PCB's, the C3414 CPU, and any PC104 Expansion boards. Please contact us if you have any follow up questions regarding our products. SAGE Monthly Security / Firmware Update Notice
SAGE Monthly Security / Firmware Update Notice
SAGE Monthly Security / Firmware Update Notice |
Update Summary: No security related items in firmware release(s) for May 2019. | ![]()
|
SAGE Monthly Security / Firmware Update Notice
Update Summary: No security related items in firmware release(s) for April 2019. | ![]()
|
Categories
All
Bulletins
Security Updates
Archives
July 2024
June 2024
April 2024
February 2024
January 2024
November 2023
October 2023
August 2023
July 2023
June 2023
May 2023
April 2023
March 2023
February 2023
January 2023
December 2022
November 2022
October 2022
September 2022
August 2022
July 2022
June 2022
May 2022
April 2022
March 2022
February 2022
January 2022
December 2021
November 2021
October 2021
September 2021
July 2021
June 2021
April 2021
March 2021
February 2021
January 2021
November 2020
October 2020
August 2020
July 2020
June 2020
April 2020
March 2020
February 2020
January 2020
November 2019
October 2019
September 2019
August 2019
July 2019
June 2019
April 2019
March 2019
February 2019
January 2019
December 2018
November 2018
October 2018
August 2018
July 2018
June 2018
May 2018