Details Disclosed After Schneider Electric Patches Critical Flaw Allowing PLC Hacking


For its EcoStruxure platform and some Modicon programmable logic controllers (PLCs), Schneider Electric recently published fixes. These patches addressed a major vulnerability that was first discovered more than a year ago.

According to the industrial behemoth, the vulnerability, designated CVE-2021-22779, is an authentication bypass problem that might allow unwanted access in read and write mode to a Modicon M580 or M340 controller by impersonating Modbus communications between the controller and the engineering software. Read More…