On the 17th of December 2015 the Schneider Electric Corporation released a critical security update to address a buffer overflow (defined) vulnerability within the following Modicon M340 PLC (Programmable Logic Controller) products:
- BMXP3420302H and
This issue was responsibly disclosed (defined) to Schneider by an independent security researcher named Nir Giller.
Why Should This Issue Be Considered Important?
This security vulnerability is of critical severity since an attacker would find it easy to exploit according to the information within the ICS-CERT security advisory. In addition, once exploited it can provide the attacker with the ability to carry out any instruction of their choice (in other words remote code execution) within the Schneider product. The only workaround is to block port 80 of the Schneider device using a firewall. However, given that port 80 is used for HTTP communication, this workaround will prove restrictive.
How Can I Protect Myself from This Issue?
Schneider have released an update for these products that addresses this issue. Please follow the directions within this ICS-CERT security advisory which also references the advisory from Schneider for this issue to install the necessary update.
The ICS-CERT advisory also provides further recommendations in an effort to prevent exploitation of this vulnerability.
If you are unsure about how to upgrade the firmware of the affected Schneider products that you are using, please contact Schneider Technical Support for assistance.