Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

ICS/OT

Schneider Electric Patches Vulnerabilities in Modicon, EcoStruxure Products

Schneider Electric last week informed customers that patches have been made available for vulnerabilities in some Modicon controllers and several EcoStruxure products.

Schneider Electric last week informed customers that patches have been made available for vulnerabilities in some Modicon controllers and several EcoStruxure products.

According to Schneider, Modicon M580, M340, Quantum and Premium controllers are affected by three denial-of-service (DoS) vulnerabilities.

The vendor says all three flaws are caused by “improper check for unusual or exceptional conditions.” Two of the vulnerabilities have been rated high severity, and one medium severity due to Schneider determining that the attack complexity is higher compared to the other two.Modicon controller vulnerabilities

The DoS condition may be triggered when reading or writing specific memory blocks, or when reading data with an invalid index. The flaws can be exploited via Modbus TCP by an attacker who has network access to the affected controllers.

Industrial cybersecurity firm Nozomi Networks has been credited by Schneider for discovering the medium-severity flaw. Moreno Carcullo, Nozomi’s co-founder and CTO, told SecurityWeek that an attacker can exploit these vulnerabilities to crash the controller’s Ethernet module, requiring a cold restart (i.e. a physical reset) of the affected device.

It’s unclear if the vulnerabilities are remotely exploitable from the internet, but Shodan does show a couple of M580 and nearly 100 M340 internet-connected controllers.

Schneider Electric also informed customers last week of vulnerabilities in three of its EcoStruxure products. One of them is the Power SCADA Operation power monitoring and control software, which is designed to help organizations in the IT, healthcare, industrial and electro-intensive sectors maximize uptime.

The product is affected by a high-severity stack-based buffer overflow vulnerability that can be exploited to cause a server-side crash.

Learn More About Vulnerabilities in Industrial Products at SecurityWeek’s 2020 ICS Cyber Security Conference

The EcoStruxure Geo SCADA Expert (ClearSCADA) product, which is designed for monitoring and controlling industrial processes, is affected by a high-severity insecure file permissions flaw that allows a local attacker with low privileges to delete or change database, settings or certificate files.

This vulnerability was identified by industrial cybersecurity firm Applied Risk, which published its own advisory last week.

Finally, Schneider Electric revealed that the EcoStruxure Control Expert programming software for Modicon programmable automation controllers is affected by a medium-severity vulnerability that can allow a hacker to bypass the authentication process between the software and the controller.

Related: Cisco Finds 11 Vulnerabilities in Schneider Electric Modicon Controllers

Related: Malware Found on USB Drives Shipped With Schneider Solar Products

Related: Critical Flaws Patched in Schneider Building Automation Software

Related: Triton Malware Exploited Zero-Day in Schneider Electric Devices

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.

Register

Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.

Register

Expert Insights

Related Content

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Vulnerabilities

Apple has released updates for macOS, iOS and Safari and they all include a WebKit patch for a zero-day vulnerability tracked as CVE-2023-23529.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...