Dive into the security vulnerabilities of Schneider Modicon Programmable Automation Controllers (PACs) in this comprehensive HITB2021SIN conference talk. Explore the private communication protocol UMAS and password protection mechanisms for CPU, uncovering potential security flaws in these industrial controllers widely used in critical infrastructure. Learn how to build fuzz program tools for discovering zero-day vulnerabilities, and understand techniques for bypassing password-protected security policies to gain unauthorized controller access. Witness a demonstration of a novel ransomware attack that exploits Modicon PAC security weaknesses. Gain insights into defensive strategies and recommendations to mitigate these vulnerabilities, presented by experienced industrial control system security researcher Gao Jian from NSFOCUS's GEWU Lab.