Security News

Cactus ransomware claim to steal 1.5TB of Schneider Electric data
2024-02-19 19:35

The Cactus ransomware gang claims they stole 1.5TB of data from Schneider Electric after breaching the company's network last month. As BleepingComputer first reported, the ransomware group gained access to the energy management and automation giant's Sustainability Business division on January 17th. The gang is now extorting the company, threatening to leak all the allegedly stolen data if a ransom demand is not paid.

Energy giant Schneider Electric hit by Cactus ransomware attack
2024-01-29 20:10

Energy management and automation giant Schneider Electric suffered a Cactus ransomware attack leading to the theft of corporate data, according to people familiar with the matter. BleepingComputer has learned that the ransomware attack hit the company's Sustainability Business division earlier this month on January 17th. The attack disrupted some of Schneider Electric's Resource Advisor cloud platform, which continue to suffer outages today.

Researchers Expose New Severe Flaws in Wago and Schneider Electric OT Products
2023-06-20 19:08

Three security vulnerabilities have been disclosed in operational technology products from Wago and Schneider Electric. The flaws, per Forescout, are part of a broader set of shortcomings collectively called OT:ICEFALL, which now comprises a total of 61 issues spanning 13 different vendors.

Researchers Warn of Critical Security Bugs in Schneider Electric Modicon PLCs
2023-02-16 13:18

Security researchers have disclosed two new vulnerabilities affecting Schneider Electric Modicon programmable logic controllers that could allow for authentication bypass and remote code execution. The flaws, tracked as CVE-2022-45788 and CVE-2022-45789, are part of a broader collection of security defects tracked by Forescout as OT:ICEFALL. Successful exploitation of the bugs could enable an adversary to execute unauthorized code, denial-of-service, or disclosure of sensitive information.

ICS Patch Tuesday: Siemens and Schneider Electric Address 100 Vulnerabilities
2021-07-14 14:52

Industrial giants Siemens and Schneider Electric on Tuesday released a total of two dozen advisories covering roughly 100 vulnerabilities affecting their products. The 18 new advisories prepared by Siemens for the July 2021 Patch Tuesday cover nearly 80 vulnerabilities impacting the company's products.

Critical Vulnerability Can Be Exploited to Hack Schneider Electric's Modicon PLCs
2021-07-13 11:10

A vulnerability affecting some of Schneider Electric's Modicon programmable logic controllers can be exploited to bypass authentication mechanisms, allowing attackers to take complete control of the targeted device. It can be exploited by an unauthenticated attacker who has network access to the targeted PLC. The exploit chain demonstrated by Armis also involves several other vulnerabilities discovered over the past few years.

Researchers warn of unpatched remote code execution flaws in Schneider Electric industrial gear
2021-07-13 10:45

Armis security researchers have warned of severe and unpatched remote code execution vulnerabilities in Schneider Electric's programmable logic controllers, allowing attackers to take control of a variety of industrial systems. The vulnerability itself, dubbed "ModiPwn," chains on two previously disclosed issues, discovered by security firm Talos in 2018 and 2019 respectively, which Schneider Electric claimed to have patched.

Critical vulnerability in Schneider Electric Modicon PLCs can lead to RCE (CVE-2021-22779)
2021-07-13 07:55

Researchers at Armis discovered an authentication bypass vulnerability in Schneider Electric's Modicon programmable logic controllers that can lead to remote-code-execution. Modicon M580. The vulnerability, dubbed ModiPwn, allows for a complete takeover of impacted devices by leveraging the UMAS protocol, and impacts Modicon M340, M580 and other models from the Modicon series.

Vulnerability in Schneider Electric PLCs allows for undetectable remote takeover
2021-07-13 04:01

A vulnerability discovered in Schneider Electric's Modicon programmable logic controllers, used in millions of devices worldwide, could allow a remote attacker to gain total and undetectable control over the chips, leading to remote code execution, malware installation and other security compromises. Discovered by security researchers at asset visibility and security vendor Armis, the vulnerability, dubbed Modipwn, is similar to the vulnerability that was leveraged by the Triton malware that targeted Schneider Electric safety controllers used in Saudi Arabian petrochemical plants.

Flaws in Rockwell Software Impact Products From Schneider Electric, GE and Others
2021-06-10 15:01

Several vulnerabilities discovered by Kaspersky researchers in Rockwell Automation software impact industrial products from Schneider Electric, GE and other vendors. The security holes were identified by Kaspersky researchers in Rockwell Automation's ISaGRAF, which is designed for the development of automation products.