Another Stuxnet-Style Vulnerability Found in Schneider Electric Software
2020-05-07 12:03

Researchers have found another vulnerability in software made by Schneider Electric that is similar to the one exploited by the notorious Stuxnet malware.

Researchers at cybersecurity firm Trustwave reported on Thursday that they too have identified a similar vulnerability in Schneider software, specifically EcoStruxure Machine Expert, which allows users to develop projects on Modicon M221 controllers.

Karl Sigler, senior security research manager at Trustwave's SpiderLabs, told SecurityWeek that exploitation of CVE-2020-7489 requires access to the environment hosting the SoMachine software and the targeted PLC. "For the SoMachine DLL injection vulnerability specifically the attacker would need to perform the injection using the same user context as a local user authorized to run the software," Sigler explained.

Trustwave researchers also made an interesting discovery related to an old vulnerability affecting Schneider Electric software.

"While this replay vulnerability was patched in 2017, Trustwave discovered that the attack could still be performed as long as the attacker was piggybacking on top of an existing session between the control software and the PLC. In other words, while the packet replay vulnerability was patched, a man-in-the-middle attack could still be performed accomplishing the same misuse of the PLC."


News URL

http://feedproxy.google.com/~r/Securityweek/~3/3FlnV5Z7FwQ/another-stuxnet-style-vulnerability-found-schneider-electric-software

Related Vulnerability

DATE: 2020-04-22
CVE: CVE-2020-7489
VULNERABILITY TITLE: Injection vulnerability in Schneider-Electric products
A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability exists on EcoStruxure Machine Expert – Basic or SoMachine Basic programming software (versions in security notification).
RISK: critical, 9.8 (network, low complexity; schneider-electric, CWE-74)