Industrial Safety / IIoT

Flaws in critical-infrastructure software used by manufacturers, power plants could have meant catastrophe


May 02, 2018

Get Plant Services delivered to your inbox Monday through Friday! Sign up for  Plant Services' complimentary Smart Minute (Monday-Thursday) and Smart Digest  (Friday) e-newsletters to get maintenance and reliability know-how you can put  to use today, plus the latest manufacturing news from around the Web, white  papers, and more. Learn more and subscribe for free today.

Researchers discovered security flaws in two software programs from Schneider Electric used worldwide to control manufacturing sites, power plants, water systems and solar power facilities, network security company Tenable said Wednesday.

The vulnerabilities would have given potential hackers complete access to industrial controls, remotely allowing them to shut down critical-infrastructure plants in the worst-case scenario, said David Cole, Tenable's chief product officer. The flaws also opened a floodgate for attackers to move throughout an entire network and cripple not only the machine it infected, but every device it's connected to.

Read the full story at