Critical ICS Flaws Seen in Schneider Electric, mySCADA, and Automated Logic Products Â
Published on November 29, 2024
- A set of 15 high-risk vulnerabilities was identified across various ICS products from major vendors.
- Exploits could lead to unauthorized access, disruptions in operations, and compromise of sensitive systems essential to critical infrastructure.
- These flaws could allow OS command injection, unrestricted file upload, and more.
Several critical vulnerabilities in industrial control systems (ICS) from major vendors such as Schneider Electric, Automated Logic, CODESYS GmbH, and mySCADA pose serious threats to sectors including manufacturing, energy, and communications, urging organizations to prioritize patching and strengthen their cybersecurity posture.
A recent report by Cyble Research and Intelligence Labs (CRIL) highlights a total of 15 vulnerabilities identified across various ICS products.Â
The Cybersecurity and Infrastructure Security Agency (CISA) has issued urgent advisories to address these risks, as attackers could potentially exploit these flaws to gain unauthorized access, disrupt operations, and compromise sensitive systems essential to critical infrastructure.Â
Among the most pressing vulnerabilities disclosed are three critical flaws that directly impact the functionality of SCADA systems and building automation technologies.
CVE-2024-10575 (Schneider Electric EcoStruxure IT Gateway) could allow attackers unauthorized access to vital systems, leading to potential data breaches and operational downtimes, and CVE-2024-47407 (mySCADA myPRO Manager/Runtime) enables malicious actors to execute arbitrary commands remotely, compromising SCADA and Human-Machine Interface (HMI) systems,Â
The last is CVE-2024-8525 (Automated Logic WebCTRL Server v7.0), which could result in the uploading of malicious files, compromising the security and functionality of building automation systems.
Additional vulnerabilities of concern include CVE-2024-8933 (Schneider Electric’s Modicon M340, MC80, and Momentum systems), which involves message integrity bypass, and CVE-2024-50054 (mySCADA myPRO Manager/Runtime), a path traversal flaw that could lead to unauthorized file access.
Schneider Electric accounted for 50% of the identified flaws, predominantly affecting industrial automation and energy management systems, while mySCADA contributed 33% of the vulnerabilities, impacting SCADA and HMI systems integral to industrial operations. Â
Automated Logic and CODESYS GmbH made up the remaining 17%, with vulnerabilities targeting building automation systems and PLC software. CISA has emphasized the importance of proactive security measures to mitigate the risks posed by these vulnerabilities.
This month, CISA asked for immediate action regarding a critical Array Networks vulnerability involving missing authentication that permitted arbitrary code execution remotely.
Related
Most Popular
Most Popular