Schneider Electric Patches Buffer Overflow in PLC Line

Automation and energy management company Schneider Electric patched a vulnerability in one of its product lines this week that left a handful of programmable automation controllers at risk of being hacked.

Thirteen different builds of the Modicon M340 PLC are affected by the vulnerability, a buffer overflow that could let an attacker crash the device or carry out remote code execution.

According to an advisory on ICS-CERT published Thursday, the issue affects the following PLC builds:

  • BMXNOC0401,
  • BMXNOE0100,
  • BMXNOE0100H,
  • BMXNOE0110,
  • BMXNOE0110H,
  • BMXNOR0200,
  • BMXNOR0200H,
  • BMXP342020,
  • BMXP342020H,
  • BMXP342030,
  • BMXP3420302,
  • BMXP3420302H, and
  • BMXPRA0100.

While Schneider patched the first three of those builds on Tuesday, users of the BMXNOR0200 (H), BMXP342020, BMXP3420302, and BMXPRA0100 builds who elect not to patch now will have to wait until Jan. 16.

According to Schneider’s website, the Modicon M340 is a midrange PLC that is especially popular in industries such as manufacturing, transportation, electrical equipment, and water automation.

Nir Giller – credited by ICS-CERT as an independent researcher – found the bug. Giller, CTO at CyberX, a company that specializes in scoping out bugs in ICS platforms, previously helped dig up a bunch of vulnerabilities in Rockwell PLCs, including the FrostyURL vulnerability, in October.
