This afternoon the DHS ICS-CERT published a new advisory for a memory corruption vulnerability in the Schneider Electric IMT25 DTM component. The vulnerability was originally reported by Alexander Bolshev, Gleb Cherbov, and Svetlana Cherkasova of Digital Security. Schneider has produced a patch that mitigates the vulnerability, and ICS-CERT reports that the researchers have validated the efficacy of the fix.
ICS-CERT reports that it would be moderately difficult to craft an exploit for this vulnerability and notes that exploiting it requires access to an adjacent network. The vulnerability is remotely exploitable.
The Schneider Security Notification for this vulnerability explains that the vulnerability “includes a potential buffer overflow that possibly could lead to memory corruption and cause Denial of Service or permit remote code execution”.