Is StruxureWare DCE or NetBotz susceptible to the WannaCry vulnerability?
Is StruxureWare DCE or NetBotz suceptable to the WannaCry vulnerability?
StruxureWare Data Center Expert (DCE)
AP9465, AP9470, AP9475, AP94VMTRL
StruxureWare Data Center Operation (DCO)
NBWL0500, NBWL0420, NBWL0320, NBWL0355, NBWL0455, NBRK0450, NBRK0550, NBRK0570
APC Network Management Cards (NMC)
· Network Management Card 1 - AP9617, AP9618, AP9619
Devices with an embedded Network Management Card 1 include (but are not limited to): Metered/Switched Rack PDUs (AP78XX, AP79XX), Rack Automatic Transfer Switches (AP77XX, Environmental Monitoring Units (AP9320, AP9340, Netbotz 200, NetBotz 250)
· Network Management Card 2 - AP9630/AP9630CH, AP9631/AP9631CH, AP9635/35CH
Devices with an embedded Network Management Card 2 include (but are not limited to): 2G Metered/Switched Rack PDUs (AP84XX, AP86XX, AP88XX, AP89XX), Certain Audio/Video Network Management Enabled products.
Any version DCO, DCE, NetBotz appliance, or NMC
CVE-2017-0144, also known as WannaCry, is a high level vulnerability that many customers have contacted Schneider Electric about to find out if StruxureWare DCE or NetBotz are vulnerable.
WannaCry allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability."
As per the link below, this effects:
Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607
Neither DCE, DCO, NetBotz, or the APC NMC run any version of Windows operating system and as such are not vulnerable to this attack.
More information on these platforms can be found on http://DCIMsupport.apc.com