A Preliminary Investigation into the Worm Technique Affecting Schneider’s Programmable Logic Controllers
December 29, 2020
Background
Some time ago, some researchers detected a code injection vulnerability (CVE-2020-7475), which could cause Schneider’s Programmable Logic Controllers (PLCs) to operate like worms. If successfully exploited, this vulnerability could allow a PLC to act as a mini PC to carry out malicious network activities or as an intranet springboard or a network scanner to penetrate into industrial systems in a more covert manner.
(more…)