Vulnerability in Schneider Electric PLCs allows for undetectable remote takeover

Dubbed Modipwn, the vulnerability affects a wide variety of Modicon programmable logic controllers used in manufacturing, utilities, automation and other roles.

A vulnerability discovered in Schneider Electric’s Modicon programmable logic controllers, used in millions of devices worldwide, could allow a remote attacker to gain total and undetectable control over the chips, leading to remote code execution, malware installation and other security compromises.

Discovered by security researchers at asset visibility and security vendor Armis, the vulnerability, dubbed Modipwn, is similar to the vulnerability that was leveraged by the Triton malware that targeted Schneider Electric safety controllers used in Saudi Arabian petrochemical plants. Modicon chips vulnerable to Modipwn are used in manufacturing, building services, automation, energy utilities, HVAC and other industrial applications.


Pin It on Pinterest