Schneider Electric Warns of Multiple Vulnerabilities in Modicon Controllers

CVE-2024-8937 & CVE-2024-8938

Schneider Electric has issued a security notification regarding critical vulnerabilities in its Modicon M340, Momentum, and MC80 controllers. These programmable automation controllers (PACs) are used widely in industrial settings to monitor and control operations. Schneider warns that “failure to apply the provided remediations/mitigations may risk unauthorized access to the controller,” potentially leading to a loss of confidentiality, integrity, and availability.

Three major vulnerabilities have been identified, affecting various versions of the controllers:

  • CVE-2024-8936 (CVSS v4.0 score of 8.3): This vulnerability, related to improper input validation, could lead to unauthorized access and memory tampering during a Man-In-The-Middle attack via crafted Modbus function calls.
  • CVE-2024-8937 and CVE-2024-8938 (CVSS v4.0 score of 9.2): Both vulnerabilities involve improper memory buffer restrictions, allowing attackers to execute arbitrary code by manipulating authentication processes or memory size computations.

Schneider Electric has released firmware version SV3.65 for the Modicon M340 to address these vulnerabilities. They advise users to apply the update and follow best practices, including network segmentation, firewall configurations, and memory protection settings. For the MC80 and Momentum models, remediation plans are in development, and users are encouraged to implement immediate mitigations such as firewall protections on port 502/TCP and access control lists.
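One way to check that the 502/TCP access control list mentioned above is actually holding, as an added example that is not from Schneider Electric's advisory: the script below scans firewall flow records for Modbus/TCP connections that were accepted from sources outside an allowlist. The log format, the addresses, the allowlist and the controller subnet are all constructed assumptions for illustration.

```python
import ipaddress

MODBUS_TCP_PORT = 502  # port named in the advisory's mitigation

# Assumed site policy (constructed): only these hosts may reach controllers on 502/TCP.
ALLOWED_SOURCES = [ipaddress.ip_network(n) for n in ("10.20.0.10/32", "10.20.0.11/32")]
# Assumed controller subnet (constructed).
CONTROLLER_NET = ipaddress.ip_network("10.20.5.0/24")

# Constructed sample flow log, one record per line: "src_ip dst_ip dst_port action"
SAMPLE_FLOWS = """\
10.20.0.10 10.20.5.21 502 ACCEPT
10.20.0.11 10.20.5.22 502 ACCEPT
10.30.7.44 10.20.5.21 502 ACCEPT
192.0.2.15 10.20.5.22 502 DROP
10.20.0.10 10.20.5.21 443 ACCEPT
10.30.7.44 10.99.1.1 502 ACCEPT
not a flow line
"""

def parse_flow(line):
    """Return (src, dst, port, action), or None for a malformed line."""
    parts = line.split()
    if len(parts) != 4:
        return None
    try:
        return (ipaddress.ip_address(parts[0]), ipaddress.ip_address(parts[1]),
                int(parts[2]), parts[3].upper())
    except ValueError:
        return None

def acl_gaps(log_text):
    """Accepted flows to controller 502/TCP from a source not on the allowlist."""
    gaps = []
    for line in log_text.splitlines():
        flow = parse_flow(line)
        if flow is None:
            continue  # skip records that do not parse instead of failing the audit
        src, dst, port, action = flow
        if port != MODBUS_TCP_PORT or dst not in CONTROLLER_NET:
            continue
        allowed = any(src in net for net in ALLOWED_SOURCES)
        if action == "ACCEPT" and not allowed:
            gaps.append((str(src), str(dst)))
    return gaps

if __name__ == "__main__":
    for src, dst in acl_gaps(SAMPLE_FLOWS):
        print(f"ACL gap: {src} reached {dst}:{MODBUS_TCP_PORT}")
```

Any record it reports is a source that reached a controller's Modbus port without being on the allowlist, which means the firewall rule or ACL needs tightening.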
