Security News > 2023 > February > Researchers Warn of Critical Security Bugs in Schneider Electric Modicon PLCs
Security researchers have disclosed two new vulnerabilities affecting Schneider Electric Modicon programmable logic controllers that could allow for authentication bypass and remote code execution.
The flaws, tracked as CVE-2022-45788 and CVE-2022-45789, are part of a broader collection of security defects tracked by Forescout as OT:ICEFALL. Successful exploitation of the bugs could enable an adversary to execute unauthorized code, denial-of-service, or disclosure of sensitive information.
The cybersecurity company said the shortcomings can be chained by a threat actor with known flaws from other vendors to achieve deep lateral movement in operational technology networks.
"Deep lateral movement lets attackers gain deep access to industrial control systems and cross often overlooked security perimeters, allowing them to perform highly granular and stealthy manipulations as well as override functional and safety limitations," Forescout said.
With threat actors concocting sophisticated malware to disrupt industrial control systems, the deep lateral movement afforded by these flaws could permit adversaries to use an "Uninteresting device as a staging point for moving towards more interesting targets."
The findings come close on the heels of 38 security flaws that were revealed in wireless industrial internet of things devices and which could grant an attacker a direct line of access to OT networks, according to cybersecurity company Otorio.
News URL
https://thehackernews.com/2023/02/researchers-warn-of-critical-security.html
Related news
- Researchers Warn of Ongoing Attacks Exploiting Critical Zimbra Postjournal Flaw (source)
- Two simple give-me-control security bugs found in Optigo network switches used in critical manufacturing (source)
- Researchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol Libraries (source)
- CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches (source)
- WeChat devs introduced security flaws when they modded TLS, say researchers (source)
- Researchers Discover Severe Security Flaws in Major E2EE Cloud Storage Providers (source)
- Apple Opens PCC Source Code for Researchers to Identify Bugs in Cloud AI Security (source)
- Schneider Electric confirms dev platform breach after hacker steals data (source)
- Schneider Electric ransomware crew demands $125k paid in baguettes (source)
- Germany drafts law to protect researchers who find security flaws (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-31 | CVE-2022-45789 | Authentication Bypass by Capture-replay vulnerability in Schneider-Electric products A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause execution of unauthorized Modbus functions on the controller when hijacking an authenticated Modbus session. | 9.8 |
| 2023-01-30 | CVE-2022-45788 | Improper Check for Unusual or Exceptional Conditions vulnerability in Schneider-Electric products A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. | 9.8 |