Schneider Electric Modicon Network Managed Switches
Summary
Schneider Electric has identified a vulnerability in its Modicon Network Managed Switches related to the RADIUS protocol. This flaw could allow forgery attacks, potentially leading to denial of service and loss of confidentiality and integrity for connected devices.
IFF Assessment
The identified vulnerability poses a risk to the integrity and confidentiality of connected devices, making it bad news for defenders.
Severity
The CVSS score of 9.0 reflects the critical impact of the vulnerability, which can lead to denial of service and loss of confidentiality and integrity, coupled with the potential for forgery attacks.
Defender Context
This vulnerability affects critical infrastructure sectors and underscores the importance of securing industrial control systems (ICS) and the network devices that support them. Defenders should prioritize applying the provided mitigations and monitoring for any signs of suspicious RADIUS activity.