- Schneider Electric’s Modicon Network Managed Switches contain a RADIUS vulnerability (CVE‑2024‑3596) that lets an attacker alter Access‑Accept, Access‑Reject or Access‑Challenge packets if the Message Authenticator option is turned off.
- The flaw spans all Connexium, Modicon and Modicon Redundancy switch models and carries a CVSS 3.1 base score of 9.0, classifying it as critical. The default configuration keeps Message Authenticator enabled, so the risk only materialises when administrators deliberately disable it via CLI or SNMP.
- Operators of critical‑infrastructure networks should audit switch settings and ensure the parameter remains enabled. The issue highlights a broader pattern: many industrial devices rely on insecure defaults only when users change them, turning a benign setup into a high‑impact attack surface.
- Keep the Message Authenticator turned on, verify it via the appropriate CLI or SNMP MIB, and treat the switch like any other network edge device that must stay locked down.