Security News > 2020 > November > Encryption Vulnerabilities Allow Hackers to Take Control of Schneider Electric PLCs
Schneider Electric this week released advisories for vulnerabilities impacting various products, including flaws that can be exploited to take control of Modicon M221 programmable logic controllers.
"By bypassing authentication protections and having direct access to manipulate the PLC, an attacker could take over complete control of the PLC actions, which could be catastrophic depending what type of OT environment the PLC is deployed," Sigler explained.
Yehuda Anikster, senior researcher at Claroty, told SecurityWeek that exploitation of the vulnerabilities requires capturing traffic between the EcoStruxure Machine engineering software and the targeted PLC. "The attackers would then need to wait for an engineer or technician to connect and enter a password or perform download/upload operations to the M221 using the engineering software," Anikster said.
"Attackers can extract all the code running on the M221s, stealing the company's control process logic. Another potential scenario is of attackers deleting all the code and changing all passwords on the M221s, blocking all access to the devices and rendering the PLCs unusable in a denial-of-service attack. Furthermore, sly attackers could perform a Stuxnet-like attack and slightly change the code on the M221s to wreak havoc on the company's devices."
Schneider Electric also informed customers this week of critical and high-severity vulnerabilities affecting its PLC Simulator product, including ones that can be exploited for arbitrary command execution and DoS attacks.