cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Highlighted
Employee+
Employee+

Schneider Electric Modicon Controllers

2 days ago the US ICS-CERT released a vulnerability notification related to Schneider electric Modicon Controllers. you can find the notification attached.

While Schneider offer to M580 and M340 controllers owners, a firmware update which solves the vulnerability. Schneider don't offer any practical solution for Quantum and Premium controllers owners and the only solution is to replace these old controllers with the new models. as controllers upgrade is not a simple nor cheap process, most of the owners will not make it and will remain unprotected.

Schneider recommend to mitigate risks associated with this  vulnerability, users should immediately set up network segmentation and implement a firewall to block all unauthorized access to Port 502/TCP.

This is the first time we notice a vendor of Schneider scale, recommend about specific active Firewall policy to BLOCK  to block all unauthorized access to Port 502/TCP.

0 Kudos