Schneider Electric has shipped USB sticks that may contain malware. These USB sticks were shipped with Conext Combox and Conext Battery Monitor.
The company states that the devices “became contaminated” during manufacture, reports ZDNet. This would have happened to a third party, which is otherwise unknown. However, the malware on the USB sticks would be “detected and blocked by all major anti-malware programs”.
The affected USB sticks are included with all recently shipped versions of Conext Combo and Conext Battery Monitor. The USB sticks themselves contain “non-essential” software and user manuals. This information can also be downloaded from the website. Schneider Electric therefore advises customers not to use the USB sticks and to throw them away.
Users who think they have used one of the affected USB sticks are advised to scan the entire system for malware. This can be done with any standard anti-malware program. “Users are also encouraged to have good endpoint protection, including active malware detection, as part of their security,” says the company.
The company further emphasizes that the problem has no impact on the operation or security of Conext Combox or Conext Battery Monitor.
It’s the second time in a week that Schneider Electric has suffered from vulnerabilities. Earlier this week, a vulnerability was revealed that has an impact on the Scheider Electric Modicon controllers. The vulnerability can be exploited to force remote reboots, which can cause major disruptions within networks of industrial control systems.
However, it is not the first company to suffer from such infections on USB sticks. IBM warned customers in 2017 that certain sticks shipped with the Storewize storage system were infected with malware.This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.