Schneider Electric Modicon vulnerability impacts ICS operation in industrial settings


A security vulnerability discovered in Schneider Electric Modicon controllers has the potential to severely disrupt industrial equipment and networks.

According to researchers from industrial cybersecurity firm Radiflow, the bug, tracked as CVE-2018-7789, “severely exposes the safety and availability of the ICS networks on which these devices were installed.”

The vulnerability is present in the Schneider Electric Modicon M221 controller and is described as an improper check for unusual or exceptional conditions error.

If exploited, the vulnerability could allow unauthorized users to remotely reboot the controller using crafted programming protocol frames.

Read more…
Source: ZDNet

Related News: Schneider Electric may have shipped USB drives infested with malware