Remote Code Execution Vulnerability in Schneider Electric Products

It has been confirmed that Schneider Electric’s Modicon PLC has a vulnerability that an attacker can control by bypassing security.

According to security company Armis, the vulnerability CVE-2021-22779 discovered was aimed at a patch flaw for DDoS attacks that Schneider Electric released with partial fixes in 2018 and 2019. After executing Modicon PLC network access, an attacker can bypass authentication and execute remote code that obtains a specific hash from the device memory using a protocol called Schneider Electric UMAS.

Amis has been working with Schneider Electric to respond to the vulnerability since November 2020, and discovered this vulnerability in the process. Amis said that fixing fundamental design flaws between Modicon and UMAS could take time, which could lead to new vulnerabilities in the future. He also showed a willingness to continue working with Schneider Electric to solve problems.

Schneider Electric will release the patch by the end of 2021, and has also released a model affected by the vulnerability and guidelines for mitigating potential impacts. The company says it will work with independent security research organizations to help protect users from vulnerabilities. Related information can be found here.



Through the monthly AHC PC and HowPC magazine era, he has watched 'technology age' in online IT media such as ZDNet, electronic newspaper Internet manager, editor of Consumer Journal Ivers, TechHolic publisher, and editor of Venture Square. I am curious about this market that is still full of vitality.

Add comment

Follow us

Don't be shy, get in touch. We love meeting interesting people and making new friends.

Most discussed

%d 블로거가 이것을 좋아합니다: