Flaw in Schneider Industrial Firewalls Allows Remote Code Execution

On Wednesday, at SecurityWeek’s 2016 ICS Cyber Security Conference, in a presentation meant to demonstrate that attackers could easily bypass defenses if proper ICS protection technologies are not in place, researchers at industrial security firm CyberX disclosed the existence of several important flaws. One of them affects Schneider Electric’s ConneXium TCSEFEC family of industrial ethernet…