ICSA-25-175-03  ·  Published 2025-07-08

Schneider Electric Modicon Controllers (Update A)

CVSS 6.5 MEDIUM

Remediations

  • Version 5.3.12.51 of Modicon Controllers M241 includes a fix for these vulnerabilities and can be downloaded here: https://www.se.com/ww/en/product-range/62129-modicon-m241-micro-plc/#software-and-firmware
    • Use the Controller Assistant feature of EcoStruxure™ Automation Expert – Motion v24.1 or EcoStruxure™ Machine Expert v2.3 to update the M241 firmware and perform a reboot.
    • EcoStruxure™ Automation Expert – Motion V24.1 is available via the Schneider Electric Software Installer: https://www.se.com/ww/en/download/document/ESEMACS10_INSTALLER.
    • Additional information is available in the Quick Start Guide, chapter “EcoStruxure™ Automation Expert Platform Installation”.
  • Version 5.3.12.51 of Modicon Controllers M251 includes a fix for these vulnerabilities and can be downloaded here: https://www.se.com/ww/en/product-range/62130-modicon-m251-micro-plc-with-dual-channel-comm/#software-and-firmware
    • Use the Controller Assistant feature of EcoStruxure™ Automation Expert – Motion v24.1 or EcoStruxure™ Machine Expert v2.3 to update the M251 firmware and perform a reboot.
    • EcoStruxure™ Automation Expert – Motion V24.1 is available via the Schneider Electric Software Installer: https://www.se.com/ww/en/download/document/ESEMACS10_INSTALLER.
    • Additional information is available in the Quick Start Guide, chapter “EcoStruxure™ Automation Expert Platform Installation”.
  • Versions from 5.3.9.18 of Modicon Controllers M262 include a fix for these vulnerabilities and can be downloaded here: https://www.se.com/ww/en/product-range/65771-logic-motion-controllermodicon-m262/#software-and-firmware
    • Use the Controller Assistant feature of EcoStruxure™ Automation Expert – Motion v24.1 or EcoStruxure™ Machine Expert v2.3 to update the M262 firmware and perform a reboot.
    • EcoStruxure™ Automation Expert – Motion V24.1 is available via the Schneider Electric Software Installer: https://www.se.com/ww/en/download/document/ESEMACS10_INSTALLER.
    • Additional information is available in the Quick Start Guide, chapter “EcoStruxure™ Automation Expert Platform Installation”.
  • If customers choose not to apply the remediation provided above, they should immediately apply the following mitigations to reduce the risk of exploitation:
    * Use controllers and devices only in a protected environment to minimize network exposure, and ensure that they are not accessible from the public internet or untrusted networks.
    * Ensure usage of user management and password features. User rights are enabled by default, and users are forced to create a strong password at first use.
    * Deactivate the Webserver after use when not needed.
    * Use encrypted communication links.
    * Set up network segmentation and implement a firewall to block all unauthorized access to ports 80/HTTP and 443/HTTPS.
    * Use VPN (Virtual Private Network) tunnels if remote access is required.
    * The “Cybersecurity Guidelines for EcoStruxure Machine Expert, Modicon and PacDrive Controllers and Associated Equipment” https://download.schneider-electric.com/files?p_enDocType=User+guide&p_File_Name=EIO0000004242.00.pdf&p_Doc_Ref=EIO0000004242 provide product-specific hardening guidelines.
  • Schneider Electric is establishing a remediation plan for all future versions of Modicon M258/LMC058 that will include a fix for this vulnerability. We will update this document when the remediation is available. Until then, customers should immediately apply the following mitigations to reduce the risk of exploitation:
    * Use controllers and devices only in a protected environment to minimize network exposure, and ensure that they are not accessible from the public internet or untrusted networks.
    * Ensure usage of user management and password features. User rights are enabled by default, and users are forced to create a strong password at first use.
    * Deactivate the Webserver after use when not needed.
    * Use encrypted communication links.
    * Set up network segmentation and implement a firewall to block all unauthorized access to ports 80/HTTP and 443/HTTPS.
    * Use VPN (Virtual Private Network) tunnels if remote access is required.
    * The “Cybersecurity Guidelines for EcoStruxure Machine Expert, Modicon and PacDrive Controllers and Associated Equipment” https://download.schneider-electric.com/files?p_enDocType=User+guide&p_File_Name=EIO0000004242.00.pdf&p_Doc_Ref=EIO0000004242 provide product-specific hardening guidelines.
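
The remediation list above, applied to an asset inventory: this is an added example, not part of the advisory or any Schneider Electric tooling. It sorts controllers into "patched", "update" or "mitigate" from the fixed versions stated above. The function names, status labels and sample inventory are assumptions made for illustration.

```python
# Added example: triage a controller inventory against the fixed firmware
# versions stated in the Remediations list. Sample rows are constructed.
FIXED = {                 # model -> first fixed firmware version (from the text)
    "M241": "5.3.12.51",
    "M251": "5.3.12.51",
    "M262": "5.3.9.18",
}
NO_FIX_YET = {"M258", "LMC058"}   # remediation pending: mitigations only


def parse_version(text):
    """Turn '5.3.12.51' into (5, 3, 12, 51) so fields compare numerically."""
    parts = text.strip().lstrip("vV").split(".")
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable firmware version: {text!r}")
    return tuple(int(p) for p in parts)


def triage(model, firmware):
    """Return 'patched', 'update', 'mitigate' or 'unknown' for one device."""
    model = model.strip().upper()
    if model in NO_FIX_YET:
        return "mitigate"
    if model not in FIXED:
        return "unknown"          # model is not covered by this advisory
    try:
        installed = parse_version(firmware)
    except ValueError:
        return "unknown"          # needs a manual check on the device
    return "patched" if installed >= parse_version(FIXED[model]) else "update"


def triage_inventory(rows):
    """rows: iterable of (asset, model, firmware) -> {asset: status}."""
    return {asset: triage(model, fw) for asset, model, fw in rows}


# Constructed sample inventory (asset names and versions are illustrative).
SAMPLE = [
    ("press-line-1", "M241", "5.3.9.18"),    # older than the fix: update
    ("press-line-2", "M251", "5.3.12.51"),
    ("packer-3", "M262", "5.3.9.18"),
    ("legacy-cell", "LMC058", "4.0.6.38"),
    ("spare-cpu", "M241", "n/a"),
]

if __name__ == "__main__":
    for asset, status in triage_inventory(SAMPLE).items():
        print(f"{asset:14} {status}")
```

Versions are compared field by field as integers; a plain string comparison would rank 5.3.9.18 above 5.3.12.51 and report an unpatched M241 as fixed.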

Affected Vendors

Schneider Electric

Affected Products (10)

Schneider Electric · Modicon Controllers M241 <5.3.12.51
Schneider Electric · Modicon Controllers M241 5.3.12.51
Schneider Electric · Modicon Controllers M251 <5.3.12.51
Schneider Electric · Modicon Controllers M251 5.3.12.51
Schneider Electric · Modicon Controllers M262 <5.3.9.18
Schneider Electric · Modicon Controllers M262 >=5.3.9.18
Schneider Electric · Modicon Controllers M258 vers:all/*
Schneider Electric · Modicon Controllers LMC058 vers:all/*
Schneider Electric · EcoStruxure Automation Expert - Motion 24.1
Schneider Electric · EcoStruxure Machine Expert 2.3

Affected Sectors

Commercial Facilities, Critical Manufacturing, Energy
