Schneider Electric Security Notification – Nov and Dec 2018

Preface: Business Insider predicts business spending on IoT solutions will hit $6 trillion by 2021.

Technical background: EcoStruxure is Schneider Electric’s IoT-enabled, plug-and-play, open, interoperable architecture and platform, in Homes, Buildings, Data Centres, Infrastructure and Industries.

Vulnerability details:
Security Notification – Embedded Web Servers for Modicon V2 :

Security Notification – Power Monitoring Expert, Energy Expert :

Comment: Not only a phishing scam trigger a URL redirection vulnerability. It also causes awaken product design weakness let multiple vulnerability occurs. It is a array effect. Since modicon and PLC products contains design limitations. The total 3 layers will be compromised once attack successful implement their phishing scam.