Researchers Warn of Critical Security Bugs in Schneider Electric Modicon PLCs

February 16, 2023 | Rabbi Lakshmanan | Critical Infrastructure / Cyber Security

Security researchers have uncovered two new vulnerabilities affecting Schneider Electric Modicon programmable logic controllers (PLCs) that could allow authentication bypass and remote code execution.

The flaws, tracked as CVE-2022-45788 (CVSS score: 7.5) and CVE-2022-45789 (CVSS score: 8.1), are part of a broader collection of security flaws tracked by Forescout as OT:ICEFALL.

Successful exploitation of the bugs could allow an attacker to execute unauthorized code, cause a denial of service, or disclose sensitive information.

The cybersecurity firm says attackers can chain the flaws with known flaws from other vendors (such as CVE-2021-31886) to achieve deep lateral movement in operational technology (OT) networks.

“Through deep lateral movement, attackers can gain deep access to industrial control systems and cross often-overlooked security perimeters to perform highly granular and stealthy operations or turn off the restrictions,” Forescout said.

A highly complex proof-of-concept (PoC) cyber-physical attack devised by the San Jose-based company demonstrated that the flaws could be weaponized to bypass safety guardrails and damage drawbridge infrastructure.

As threat actors create sophisticated malware to disrupt industrial control systems, the deep lateral movement enabled by these flaws may allow adversaries to use uninteresting devices as a staging point to move “toward more interesting targets.”

The findings follow 38 security flaws uncovered in wireless Industrial Internet of Things (IIoT) devices that may allow attackers direct access to OT networks, according to cybersecurity firm Otorio.

Taken together, these weaknesses also highlight real threats to physical operations from IoT devices, cloud-based management platforms, and nested OT networks.
