Schneider Electric did not immediately respond to a request for comment.
Another limiting factor is that a potential attacker already needs to have access to a computer on the network that can communicate with the Unity Pro engineering workstation in the first place.
Access to such a computer can be obtained in a number of ways, including through malware attacks, other vulnerabilities and even malicious insiders. However, this vulnerability highlights the importance of proper network segmentation, where industrial control assets, including engineering workstations, are isolated from a company's general IT network.
Sign up for Computerworld eNewsletters.