Security researchers have disclosed two new vulnerabilities affecting Schneider Electric Modicon programmable logic controllers (PLCs) that could allow for authentication bypass and remote code execution.
The flaws, tracked asΒ CVE-2022-45788Β (CVSS score: 7.5) andΒ CVE-2022-45789Β (CVSS score: 8.1), are part of aΒ broader collectionΒ ofΒ security defectsΒ tracked by Forescout as OT:ICEFALL.
Successful