FixVibe
FixVibe द्वारा कवर किया गयाcritical

Critical Remote Code Execution in PowerLogic EGX Gateways (CVE-2021-22768)

CVE-2021-22768 is an improper input validation issue in Schneider Electric PowerLogic EGX100 and EGX300 gateways. FixVibe covers the public HTTP product and firmware evidence for the affected range without sending crafted packets or attempting exploitation.

CVE-2021-22768CWE-20

Attacker Impact

CVE-2021-22768 is an improper input validation issue in PowerLogic EGX100 firmware 3.0.0 and newer and PowerLogic EGX300 all versions. Schneider Electric and NVD describe possible denial of service or remote code execution via specially crafted HTTP packets [S1][S2].

Affected Configurations

The advisory range is PowerLogic EGX100 firmware 3.0.0 and newer and PowerLogic EGX300 all versions [S1][S2]. Schneider groups this with related PowerLogic EGX improper-input-validation advisories over the same product family, including CVE-2021-22767 [S2][S3].

Concrete Fixes

  • Isolate HTTP management: Block untrusted HTTP access after commissioning and keep the gateway behind industrial firewall, VPN, or segmented management controls [S2].
  • Verify inventory: Confirm the model and firmware from the gateway, trusted asset inventory, or Schneider-supported tooling rather than relying only on public HTTP banners.
  • Replace unsupported gateways: Schneider identifies EGX100 and EGX300 as end-of-service in the security notification, so plan replacement with a supported Schneider Electric gateway [S2].

Covered by FixVibe

FixVibe verified active scans can report when a verified target returns strong HTTP evidence of PowerLogic EGX100 firmware in the affected range or PowerLogic EGX300 product evidence. This is product/firmware advisory correlation for CVE-2021-22768 and the related PowerLogic EGX advisory family. FixVibe does not send specially crafted HTTP packets, authenticate to the gateway, query Modbus or serial paths, crash-test the device, prove denial of service or code execution, or prove attacker reachability beyond the scanned HTTP surface.

Critical Remote Code Execution in PowerLogic EGX Gateways (CVE-2021-22768) — FixVibe research · FixVibe