Critical Schneider Electric PLC vulnerabilities could have severe impact

Threat actors could chain two critical security vulnerabilities in Schneider Electric's Unity line of Modicon programmable logic controllers, tracked as CVE-2022-45788 and CVE-2022-45789, to compromise safety protections for limiting physical damage, according to The Record, a news site by cybersecurity firm Recorded Future. More than 1,000 Modicon Unity PLCs are vulnerable to such attacks, with the U.S. having the fourth largest number of exposures, following France, Spain, and Italy, reported Forescout researchers, who cited a Shodan search. "A quick search for the affected models on Shodan has shown exposed Modicon PLCs in everything from airports, mining, and solar and hydro power generation to chemical manufacturing," said researchers Daniel dos Santos and Jos Wetzels. The findings should prompt critical infrastructure organizations to bolster consequence-driven risk assessments and defenses against potential safety measure bypass that attackers could employ when infiltrating physical environments. "When you're evaluating your potential risk, you have to think about whether you can defend against this and if you have the visibility deep down in your systems," said Wetzels.