"Researchers Warn of Critical Security Bugs in Schneider Electric Modicon PLCs"

Two new vulnerabilities affecting Schneider Electric Modicon Programmable Logic Controllers (PLCs) have been reported by security researchers at Forescout. These vulnerabilities could allow authentication bypass and Remote Code Execution (RCE). The vulnerabilities, tracked as CVE-2022-45788 and CVE-2022-45789, are part of a larger set of security vulnerabilities identified by Forescout as OT:ICEFALL. A successful attack using the vulnerabilities could allow an adversary to execute unauthorized code, cause a Denial-of-Service (DoS) condition, or disclose sensitive data. According to the cybersecurity firm, a threat actor can chain the vulnerabilities with known vulnerabilities from other vendors to achieve deep lateral movement in Operational Technology (OT) networks. This movement enables attackers to obtain deep access to Industrial Control Systems (ICS) and cross often-overlooked security perimeters, enabling them to carry out highly granular and covert manipulations and to circumvent functional and safety constraints. A proof-of-concept (PoC) cyber-physical attack revealed that the vulnerabilities could be exploited to evade safety guardrails and cause damage to a movable bridge's infrastructure. This article continues to discuss the new critical security flaws impacting Schneider Electric Modicon PLCs. 

THN reports "Researchers Warn of Critical Security Bugs in Schneider Electric Modicon PLCs"