Schneider Electric Modicon M340, MC80, and Momentum Unity M1E (Update B)

Plan Patch8.1ICS-CERT ICSA-24-326-04Nov 12, 2024

Attack VectorNetwork

Auth RequiredNone

ComplexityHigh

User InteractionNone needed

Summary

Schneider Electric Modicon M340, MC80, and Momentum Unity M1E controllers contain input validation (CWE-20) and buffer handling (CWE-119) vulnerabilities that could allow unauthorized access. These programmable automation controllers (PACs) manage industrial operations in energy and manufacturing sectors. Exploitation could result in denial of service and compromise of confidentiality and integrity of the controller.

What this means

What could happen

An attacker with network access could send malformed input to the controller, potentially taking it offline or gaining unauthorized control over the industrial process it manages (such as power generation, motor control, or manufacturing sequences).

Who's at risk

Energy utilities and manufacturing plants using Schneider Electric Modicon M340, MC80, or Momentum Unity M1E controllers for process automation and control. These devices are typically used to manage critical operations like power generation, distribution control, and manufacturing equipment sequencing.

How it could be exploited

An attacker on the network sends crafted input packets to the controller's network interface, exploiting improper input validation or buffer handling. This could allow arbitrary command execution or process crash, disrupting the automation it controls.

Prerequisites

Network access to the Modicon controller (port not specified, likely port 502 Modbus TCP or 161 SNMP)
No authentication required to trigger the vulnerability

remotely exploitableno authentication requiredaffects operational technologyinput validation weaknessbuffer handling flaw

Exploitability

Low exploit probability (EPSS 0.2%)

Affected products (3)

3 with fix

ProductAffected VersionsFix Status

Modicon M340 CPU Controller (part numbers BMXP34*)< SV3.65SV3.65

Modicon MC80 Controller (part numbers BMKC80)< SV2.1SV2.1

Modicon Momentum Unity M1E Processor Controller (171CBU*)< SV2.80SV2.80

Remediation & Mitigation

0/5

Schedule — requires maintenance window

0/3

Patching may require device reboot — plan for process interruption

HOTFIXUpdate Modicon M340 firmware to version SV3.65 or later

HOTFIXUpdate Modicon Momentum Unity M1E firmware to version SV2.80 or later

HOTFIXUpdate Modicon MC80 firmware to version SV2.1 or later

Long-term hardening

0/2

HARDENINGSegment Modicon controllers from direct internet access using firewalls or network isolation

HARDENINGMonitor network traffic to Modicon controllers for abnormal input patterns

CVEs (3)

CVE-2024-8936 CVE-2024-8937 CVE-2024-8938

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/72ef792e-4257-4ca9-95e7-e1d04e8dd0f9