09 July 2019

New vulnerability in Schneider Electric Modicon PLCs

A vulnerability (CVE-2019-6819) has been identified in Schneider Electric Modicon programmable logic controllers (PLCs) and automation controllers (PACs). The vulnerability could allow an attacker to cause a denial-of-service condition on affected devices due to an improper check for unusual or exceptional conditions. The flaw can be exploited by sending a specific Modbus frame to a vulnerable device.

The vulnerability affects the following products:

  • Modicon M340 (firmware versions prior to 3.01);
  • Modicon M580 (firmware versions prior to 2.80);
  • Modicon Quantum (all firmware versions);
  • Modicon Premium (all firmware versions).

The newly identified vulnerability has been fixed by the vendor in new versions of firmware for Modicon M340 and Modicon M580 controllers (firmware versions 3.01 and 2.80, respectively). Since Modicon Quantum controllers have reached the end of their service life and are no longer commercially available, Schneider Electric recommends that users migrate to its most current product, Modicon M580 ePAC.

To mitigate risks associated with this vulnerability, the vendor recommends setting up network segmentation and implementing a firewall to block all unauthorized access to Port 502/TCP.

Sources: ICS-CERT, Schneider Electric