Security News

Schneider Electric ransomware crew demands $125k paid in baguettes
2024-11-05 21:51

Hellcat crew claimed to have gained access via the company's Atlassian Jira system Schneider Electric confirmed that it is investigating a breach as a ransomware group Hellcat claims to have...

Schneider Electric confirms dev platform breach after hacker steals data
2024-11-04 19:22

Schneider Electric has confirmed a developer platform was breached after a threat actor claimed to steal 40GB of data from the company's JIRA server. [...]

Cactus ransomware claim to steal 1.5TB of Schneider Electric data
2024-02-19 19:35

The Cactus ransomware gang claims they stole 1.5TB of data from Schneider Electric after breaching the company's network last month. As BleepingComputer first reported, the ransomware group gained access to the energy management and automation giant's Sustainability Business division on January 17th. The gang is now extorting the company, threatening to leak all the allegedly stolen data if a ransom demand is not paid.

Energy giant Schneider Electric hit by Cactus ransomware attack
2024-01-29 20:10

Energy management and automation giant Schneider Electric suffered a Cactus ransomware attack leading to the theft of corporate data, according to people familiar with the matter. BleepingComputer has learned that the ransomware attack hit the company's Sustainability Business division earlier this month on January 17th. The attack disrupted some of Schneider Electric's Resource Advisor cloud platform, which continue to suffer outages today.

Researchers Expose New Severe Flaws in Wago and Schneider Electric OT Products
2023-06-20 19:08

Three security vulnerabilities have been disclosed in operational technology products from Wago and Schneider Electric. The flaws, per Forescout, are part of a broader set of shortcomings collectively called OT:ICEFALL, which now comprises a total of 61 issues spanning 13 different vendors.

Researchers Warn of Critical Security Bugs in Schneider Electric Modicon PLCs
2023-02-16 13:18

Security researchers have disclosed two new vulnerabilities affecting Schneider Electric Modicon programmable logic controllers that could allow for authentication bypass and remote code execution. The flaws, tracked as CVE-2022-45788 and CVE-2022-45789, are part of a broader collection of security defects tracked by Forescout as OT:ICEFALL. Successful exploitation of the bugs could enable an adversary to execute unauthorized code, denial-of-service, or disclosure of sensitive information.

ICS Patch Tuesday: Siemens and Schneider Electric Address 100 Vulnerabilities
2021-07-14 14:52

Industrial giants Siemens and Schneider Electric on Tuesday released a total of two dozen advisories covering roughly 100 vulnerabilities affecting their products. The 18 new advisories prepared by Siemens for the July 2021 Patch Tuesday cover nearly 80 vulnerabilities impacting the company's products.

Critical Vulnerability Can Be Exploited to Hack Schneider Electric's Modicon PLCs
2021-07-13 11:10

A vulnerability affecting some of Schneider Electric's Modicon programmable logic controllers can be exploited to bypass authentication mechanisms, allowing attackers to take complete control of the targeted device. It can be exploited by an unauthenticated attacker who has network access to the targeted PLC. The exploit chain demonstrated by Armis also involves several other vulnerabilities discovered over the past few years.

Researchers warn of unpatched remote code execution flaws in Schneider Electric industrial gear
2021-07-13 10:45

Armis security researchers have warned of severe and unpatched remote code execution vulnerabilities in Schneider Electric's programmable logic controllers, allowing attackers to take control of a variety of industrial systems. The vulnerability itself, dubbed "ModiPwn," chains on two previously disclosed issues, discovered by security firm Talos in 2018 and 2019 respectively, which Schneider Electric claimed to have patched.

Critical vulnerability in Schneider Electric Modicon PLCs can lead to RCE (CVE-2021-22779)
2021-07-13 07:55

Researchers at Armis discovered an authentication bypass vulnerability in Schneider Electric's Modicon programmable logic controllers that can lead to remote-code-execution. Modicon M580. The vulnerability, dubbed ModiPwn, allows for a complete takeover of impacted devices by leveraging the UMAS protocol, and impacts Modicon M340, M580 and other models from the Modicon series.