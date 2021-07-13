Cancel
Critical vulnerability in Schneider Electric Modicon PLCs can lead to RCE (CVE-2021-22779)

Cover picture for the articleResearchers at Armis discovered an authentication bypass vulnerability (CVE-2021-22779) in Schneider Electric’s Modicon programmable logic controllers (PLCs) that can lead to remote-code-execution (RCE). Modicon M580. The vulnerability, dubbed ModiPwn, allows for a complete takeover of impacted devices by leveraging the UMAS protocol, and impacts Modicon M340, M580 and other models...

Authentication bypass allows complete takeover of Modicon PLCs used across industries

Several programmable logic controllers (PLCs) from Schneider Electric’s Modicon series that automate industrial processes in factories, energy utilities, HVAC systems and other installations are impacted by a flaw that could allow hackers to bypass their authentication mechanism and execute malicious code. According to researchers from security firm Armis, who found and reported the vulnerability, attackers with network access to impacted controllers could exploit the issue to install malware that alters the operation of the controllers and hides those malicious changes from the workstations and operators managing them.
