Schneider Electric SCADAPack and RemoteConnect
Summary
Schneider Electric has identified a critical vulnerability in its SCADAPack™ x70 RTU products, specifically affecting SCADAPack™ 47xi, 47x, and 57x models. This flaw could lead to unauthorized access, denial of service, and loss of confidentiality and integrity for controllers operating on the Modbus TCP protocol.
IFF Assessment
The vulnerability allows for arbitrary code execution and denial of service, which are severe threats to industrial control systems.
Severity
Defender Context
This vulnerability poses a significant risk to critical infrastructure, particularly the energy sector, as it can lead to unauthorized control and disruption of industrial processes. Defenders must prioritize patching affected Schneider Electric SCADAPack devices and RemoteConnect software to mitigate the risk of exploitation.