Another Stuxnet-Style Vulnerability Found in Schneider Electric Software


Modicon PLC vulnerability

Researchers have found another vulnerability in software made by Schneider Electric that is similar to the one exploited by the notorious Stuxnet malware.

Stuxnet, the malware used a decade ago by the United States and Israel to cause damage to Iran’s nuclear program, was designed to target Siemens’ SIMATIC S7-300 and S7-400 programmable logic controllers (PLCs). The malware loaded malicious code onto targeted PLCs by replacing a DLL file associated with the Siemens STEP7 controller programming software.

Read more…