Schneider Electric releases guidelines to combat PLC bug

Schneider Electric has released a set of mitigations to address an unpatched bug discovered in a family of its programmable logic controllers (PLCs).

Researchers at Armis, a security firm that specializes in IoT devices, released a report on Jul. 13 detailing the vulnerability in Schneider’s Modicon series including the M340 and M580.

Representatives at Schneider Electric say there is no one patch available for the “ModiPwn” vulnerability, which taps into undocumented commands on the controllers.

“Schneider Electric is aware of multiple vulnerabilities in its EcoStruxure Control Expert, EcoStruxure Process Expert, SCADAPack RemoteConnect x70, and Modicon M580 and M340 control products,” the company says in the mitigation documents.

“These vulnerabilities pose several risks, primary among these is the possibility of arbitrary code execution and loss of confidentiality and integrity of the project file.”

Ron Bradley, vice-president of risk management firm Shared Assessments, comments: “The Schneider critical RCE vulnerability should come as a stark reminder for those reliant on industrial control systems (ICS) to ensure they are following best practices starting with the physical and/or firewall hardened segmentation between OT and business networks. Having a thoroughly documented asset inventory is an absolute must when it comes to preparing for and responding this type of event.

“Policies and standards should be developed on the guidance laid out in IEC62443. Regular testing and on-going monitoring of OT networks is imperative.  Finally, a comprehensive incident response plan can mean the difference between a disaster or a drill.”

Find the Schneider Electric mitigation here.