"Vulnerabilities in Two Schneider Electric ICS Products Reminiscent of Stuxnet"

Trustwave's Global OT/IoT security research team discovered security flaws in two Schneider Electric industrial control systems (ICS) products. Trustwave analysts demonstrated the possibility of malicious actors exploiting the vulnerabilities found in Schneider's SoMachine Basic v1.6 and Schneider Electric M221, firmware version 1.6.2.0, Programmable Logic Controller (PLC) to take control over a device by preventing, changing, then resending commands. This article continues to discuss the potential impact of the Schneider Electric vulnerabilities, where the security flaws come from, how these vulnerabilities are reminiscent of Stuxnet, and recommendations for hardening networks to protect ICS assets. 

SC Media reports "Vulnerabilities in Two Schneider Electric ICS Products Reminiscent of Stuxnet"

Submitted by Anonymous on