Last year, cybersecurity researchers discovered vulnerabilities in some of Schneider Electric’s product including Modicon M580 and M340 PLCs. These vulnerabilities enable attackers to bypass security tools installed on these PLCs and exploit the undocumented Modbus commands to gain complete control of the plc.

Using these commands attackers can take over the plc, gain native code execution on the device and make changes to the operation of the plc, while hiding the changes from the engineering workstation that manages it.

Since the discovery, Schneider had been working on a patch which is expected to be released Q4 of 2021. In the meantime, SE had released a security advisory on 13 July 2021 for users of M580 and M340 to help protect their system from possible attack.

Find the Schneider Electric security advisory here.