You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cwe-404 resource shutdown
About this tag
The tag cwe-404 resource shutdown covers the CWE-404 vulnerability, Improper Resource Shutdown or Release, which can lead to denial of service. On WindowsForum.com, discussions focus on a CISA advisory for Schneider Electric Modicon M241, M251, and M262 controllers using Machine Expert software. An unauthenticated attacker can send malicious payloads to occupy communication channels, starving legitimate traffic and causing partial DoS. The fix requires specific firmware and software updates. This tag is relevant for IT and OT security professionals managing industrial automation, highlighting that availability is a critical security property in operational technology environments.
Schneider Electric’s Modicon M241, M251, and M262 controllers are once again in the security spotlight after CISA published an advisory for a CWE-404 Improper Resource Shutdown or Release flaw that can trigger a partial denial of service in the Machine Expert protocol. The risk is not abstract...