Monday, July 22, 2024

Vulnerabilities Detected in Schneider Electric PLCs

Researchers at Claroty have uncovered new details on authentication and encryption vulnerabilities in Schneider Electric programmable logic controllers (PLCs). If exploited, these vulnerabilities could allow an attacker to exfiltrate data, modify code, and execute commands on operational technology (OT) and critical infrastructure systems.

In June, Claroty disclosed details on four vulnerabilities in Schneider Electric’s Modicon M221 programmable logic controller (PLC) and EcoStruxure Machine Expert Basic. The vulnerabilities could allow an advanced attacker to bypass authentication on these devices, break the encryption securing data transfers, modify code, and run commands. In all cases, an attacker would have to establish a connection on the OT network and monitor data flowing between devices before exploiting weak encryption implementations to crack device authentication.

The Modicon series of PLCs was initially brought to market in the late 1960s, long before IT/OT convergence and a general understanding of the need for OT security. Mitigations for the four vulnerabilities included in this release are available from Schneider, and include a recommendation to set up network segmentation, to implement a firewall to block unauthorized access to TCP port 502, and to disable unused protocols within the Modicon M221 application. 
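
One way to check that the segmentation and TCP port 502 firewall recommendation is actually holding, as an added example that is not code from Claroty or Schneider Electric: the script scans flow records for TCP/502 connections that reach the PLC subnet from sources outside an allowlist. The record format, subnets and addresses are constructed assumptions.

```python
import ipaddress

PLC_PORT = 502  # TCP port named in the mitigation guidance

# Assumption: hosts permitted to reach the PLCs (engineering workstations, HMIs).
ALLOWED_SOURCES = [ipaddress.ip_network("10.10.5.0/28")]
# Assumption: subnet where the controllers live.
PLC_NETWORK = ipaddress.ip_network("10.10.20.0/24")

# Constructed sample flow records:
# timestamp src_ip src_port dst_ip dst_port proto
SAMPLE_FLOWS = """\
2024-07-22T08:00:01Z 10.10.5.4 49152 10.10.20.11 502 tcp
2024-07-22T08:00:07Z 10.10.30.77 51514 10.10.20.11 502 tcp
2024-07-22T08:01:12Z 10.10.30.77 51520 10.10.20.11 80 tcp
2024-07-22T08:02:40Z 192.168.1.50 40000 10.10.20.12 502 tcp
2024-07-22T08:03:00Z 10.10.5.9 49200 10.10.20.12 502 udp
malformed line
"""


def unauthorized_plc_flows(text):
    """Return (timestamp, src, dst) for TCP/502 flows to PLCs from non-allowlisted sources."""
    findings = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 6:
            continue  # skip malformed records instead of failing the audit
        ts, src, _sport, dst, dport, proto = parts
        try:
            src_ip = ipaddress.ip_address(src)
            dst_ip = ipaddress.ip_address(dst)
            port = int(dport)
        except ValueError:
            continue
        if proto.lower() != "tcp" or port != PLC_PORT:
            continue
        if dst_ip not in PLC_NETWORK:
            continue
        if any(src_ip in net for net in ALLOWED_SOURCES):
            continue  # expected engineering traffic
        findings.append((ts, src, dst))
    return findings


if __name__ == "__main__":
    for ts, src, dst in unauthorized_plc_flows(SAMPLE_FLOWS):
        print(f"{ts} unauthorized TCP/502 access: {src} -> {dst}")
```

Any finding means a host outside the allowlist reached a controller on port 502, which the firewall rule should have blocked.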



