The NCCIC has released an advisory on an insufficient verification of data authenticity vulnerability in Schneider Electric Modicon M221. All versions of this product are affected. Successful exploitation of this vulnerability could cause a change of IPv4 configuration (IP address, mask, and gateway) when remotely connected to the device. Schneider Electric recommends a series of mitigations to reduce the risk. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.
You are here
Related Resources
Jan 23, 2025 in Cybersecurity, in OT-ICS Security, in Federal & State Resources
Jan 23, 2025 in Cybersecurity, in Security Preparedness
Vulnerability Awareness – Joint Advisory on Ivanti Exploit Chains by Suspected Chinese Threat Actors
Jan 23, 2025 in Cybersecurity, in Federal & State Resources, in Security Preparedness
