Schneider Electric fixes DoS flaws in Modicon, EcoStruxure products

Schneider Electric addressed several vulnerabilities in some Modicon controllers and several EcoStruxure products.

Schneider Electric addresses three denial-of-service (DoS) vulnerabilities Schneider Electric Modicon M580, M340, Quantum and Premium controllers.

The vendor has informed its customers that all three flaws are caused by improper check for unusual or exceptional conditions.

The three vulnerabilities are:

The first vulnerability tracked as CVE-2019-6857 received a CVSS v3.0 Base Score 7.5, it was rated with High severity.

“Improper Check for Unusual or Exceptional Conditions vulnerability exists which could cause a Denial of Service of the controller when reading specific memory blocks using Modbus TCP” reads the advisory.

The second vulnerability tracked as CVE-2019-6856 received a CVSS v3.0 Base Score 7.5, it was rated with High severity.

“Improper Check for Unusual or Exceptional Conditions vulnerability exists which could cause a Denial of Service when writing specific physical memory blocks using Modbus TCP.” reads the advisory.

The third issue, tracked as CVE-2018-7794, received a CVSS v3.0 Base Score 5.9, it was rated with Medium severity.

“Improper Check for Unusual or Exceptional Conditions vulnerability exists which could cause a Denial of Service when reading data with invalid index using Modbus TCP” continues the advisory.

An attacker could trigger the above issues via Modbus TCP by reading or writing specific memory blocks, or when reading data with an invalid index. The vulnerability could be exploited by an attacker who has network access to the affected controllers, it can exploit these flaws to crash the controller’s Ethernet module. In order to restore operations, admins need to physically reset the affected device.

The vulnerabilities have been reported Mengmeng Young and Gideon Guo (CVE-2019-6857), Chansim Deng (CVE-2019-6856), and Younes Dragoni from Nozomi Networks (CVE-2018-7794).

Schneider Electric also informed its customers of multiple vulnerabilities in three of its EcoStruxure products, including the Power SCADA Operation power monitoring and control software.

The vulnerability is affected by a high-severity stack-based buffer overflow vulnerability that can be exploited by attackers to trigger a DoS condition.

The issue was reported by the industrial firm Applied Risk.

“A vulnerability was identified within Schneider ClearSCADA, which would allow an attacker to modify system-wide configuration and data files. This vulnerability arose through insecure file permissions.” reads the security dvisory.

Schneider Electric also addressed a medium-severity vulnerability in the EcoStruxure Control Expert programming software for Modicon programmable automation controllers that can allow a hacker to bypass the authentication process between the software and the controller.

Pierluigi Paganini

(SecurityAffairs – Schneider Electric, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]

Share On