Unpatched Critical RCE Bug Allows Industrial, Utility Takeovers
Cybersecurity researchers have discovered a new critical remote code execution vulnerability in Schneider Electric’s programmable logic controllers (PLCs). The bug has not yet been patched and could allow unauthenticated cyberattackers to gain root-level control over PLCs used throughout many industries, including healthcare, manufacturing, and building automation. It therefore exposes production lines, sensors, conveyor belts, HVACs, and elevators that use Schneider Electric’s PLCs to malicious attacks.
Attackers could potentially exploit the unpatched flaw to impact factories, according to cybersecurity researchers. The vulnerability is tracked as CVE-2021-22779, and exploiting it relies on undocumented commands in device mode. The flaw impacts the Modicon M340, M580, and other models from the series. Armis, the cybersecurity research organization responsible for bringing the bug to light, has named it “ModiPwn.” The vulnerability ranks 9.8 out of 10 on the CVSS severity scale, making it critical.