Modicon M218 Logic Controller
Plan Patch
CVSS: 7.5
Advisory: SEVD-2021-285-04
Published: Oct 12, 2021
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary
A vulnerability in Modicon M218 Logic Controller versions 5.1.0.6 and earlier allows an attacker to send specially crafted packets to the controller, causing it to become unresponsive (denial of service). The M218 is a programmable controller used to control repetitive machines with high-speed counting and simple positioning features.
What this means
What could happen
An attacker can send malicious network packets to crash the M218 controller, stopping machine operations until the device is rebooted. Production lines using the M218 would experience unplanned downtime.
Who's at risk
Manufacturing and industrial automation teams that use Modicon M218 controllers in repetitive machinery (bottling lines, assembly machines, packaging equipment, motion control systems). Also relevant to utilities that use M218 controllers for pump or valve automation.
How it could be exploited
An attacker on the network sends specially crafted packets to the M218's network port. No authentication or special configuration is required. The controller receives the malformed packet, crashes, and stops responding to legitimate commands or sensor inputs.
Prerequisites
- Network access to the Modicon M218 controller on port 502 (Modbus TCP) or the controller's configured communication port
- No credentials required
- Remotely exploitable
- No authentication required
- Low complexity attack
- High CVSS score (7.5)
- Affects availability of industrial machinery
Exploitability
Low exploit probability (EPSS 0.4%)
Affected products (1)
Product | Affected Versions | Fix Status
Modicon M218 logic controller v5.1.0.6 and prior | ≤ 5.1.0.6 | 5.1.0.8
Remediation & Mitigation
Do now
- HARDENING: Implement network access controls to restrict which devices can send packets to the M218 controller (firewall rules, network segmentation, VLAN isolation)
- HARDENING: Disable remote access to the M218 controller if not required for operations; use local engineering workstation connection for programming only
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
- HOTFIX: Update Modicon M218 firmware to version 5.1.0.8 or later using EcoStruxure Machine Expert v2.0.1 or above
- HOTFIX: Update EcoStruxure Machine Expert on the engineering workstation to v2.0.1 or above before deploying firmware to M218 controllers
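The remediation items above can be applied to an asset inventory to get a per-controller work order. The following is an added example, not part of the advisory or any vendor tooling; the CSV layout, asset names and workstation names are constructed assumptions. Firmware between the affected and fixed ranges is reported as "unlisted" because the advisory does not classify it.

```python
import csv
import io

# Thresholds taken from the advisory text above.
AFFECTED_MAX = (5, 1, 0, 6)  # "5.1.0.6 and earlier" is affected
FIXED_MIN = (5, 1, 0, 8)     # fixed firmware
TOOL_MIN = (2, 0, 1)         # minimum EcoStruxure Machine Expert

# Constructed sample inventory; asset and workstation names are hypothetical.
SAMPLE_INVENTORY = """asset,firmware,workstation,machine_expert
filler-1,v5.1.0.6,ews-01,1.2.4
capper-2,5.1.0.8,ews-01,1.2.4
labeler-3,5.1.0.7,ews-02,2.0.1
pump-skid-4,5.0.2.1,ews-02,2.0.1
palletizer-5,unknown,ews-02,2.0.1
"""

def parse_version(text):
    """Turn 'v5.1.0.6' into (5, 1, 0, 6); ValueError if not dotted integers."""
    return tuple(int(part) for part in text.strip().lstrip("vV").split("."))

def firmware_status(text):
    try:
        version = parse_version(text)
    except ValueError:
        return "unknown"
    if version <= AFFECTED_MAX:
        return "affected"
    if version >= FIXED_MIN:
        return "fixed"
    return "unlisted"  # between the two ranges the advisory names

def remediation_plan(inventory_csv):
    """Map each asset to (status, ordered steps), in the order given above."""
    plan = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        status = firmware_status(row["firmware"])
        steps = []
        if status == "affected":
            steps.append("restrict network access to the controller")
            if parse_version(row["machine_expert"]) < TOOL_MIN:
                steps.append(f"update Machine Expert on {row['workstation']} to v2.0.1 or above")
            steps.append("schedule window: update firmware to 5.1.0.8 or later")
        elif status != "fixed":
            steps.append("confirm firmware version on the device")
        plan[row["asset"]] = (status, steps)
    return plan

if __name__ == "__main__":
    for asset, (status, steps) in remediation_plan(SAMPLE_INVENTORY).items():
        print(f"{asset}: {status}", *steps, sep="\n  - ")
```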
CVEs (1)