Summary
Schneider Electric disclosed a critical vulnerability (CVE-2024-3596) in its Modicon and Connexium switches that allows attackers to forge RADIUS authentication responses. This flaw could lead to unauthorized access and control over critical industrial infrastructure if the Message Authenticator setting is disabled.
Take Action:
Check your Modicon switch configurations immediately to ensure the RADIUS Message Authenticator is enabled. Always isolate your industrial control systems from the public internet to prevent remote exploitation of authentication protocols.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)