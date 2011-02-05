Radiflow uncovers security flaw in a Schneider Electric controller device

September 2018 by Radiflow

Radiflow will be announcing that the company has uncovered a security flaw in a Schneider Electric Modicon Controller that severely exposed the safety and availability of the ICS networks on which these devices were installed.

Below is a quick overview of this security vulnerability from the upcoming press release:

Radiflow’s threat intelligence research team discovered this security vulnerability on Schneider Electric’s Modicon M221 Controller for which unauthorized users could have remotely disconnected the device from communicating in the ICS network by sending crafted packets that induce this unwanted behavior.

An unauthorized user could have easily exploited this vulnerability to execute a synchronized attack and cause a number of these controllers to stop communicating. This type of unauthorized action would allow a cyber-attacker to massively disconnect the effected PLCs from the HMI leaving the operator with no way to view and control the physical processes on the OT network, while instantly harming the safety and reliability of the ICS systems. The recovery from such an attack would require a reboot of the attacked PLCs and physical access to the controllers, which would cause significant downtime to the ICS network.

It is important to highlight that Radiflow immediately report its discovery of this vulnerability to Schneider Electric.