The Modicon M580 is the latest in Schneider Electric’s Modicon line of programmable automation controllers. The majority of the bugs exist in UMAS requests made while operating the hardware. Cisco Talos worked with Schneider Electric to ensure that these issues are resolved and that an update is available for affected customers. The vulnerability leverages a technique similar to that used by Reid Wightman on the Modicon Quantum line of controllers in 2012, which can be found here. For more information on this vulnerability, read the complete advisory here.”]
Source: https://blog.talosintelligence.com/2019/06/vulnerability-spotlight-multiple.html