The NCCIC has released an advisory on an insufficient verification of data authenticity vulnerability in Schneider Electric Modicon M221. All versions of this product are affected. Successful exploitation of this vulnerability could cause a change of IPv4 configuration (IP address, mask, and gateway) when remotely connected to the device. Schneider Electric recommends a series of mitigations to reduce the risk. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.
You are here
Related Resources
Jul 25, 2024 in Cybersecurity, in OT-ICS Security, in Federal & State Resources
Jul 25, 2024 in Cybersecurity, in Security Preparedness
Jul 25, 2024 in Cybersecurity, in Security Preparedness