CODESYS is a development environment for programming controller applications, enabling easy configuration of PLCs in industrial control systems.
Last Wednesday, cybersecurity researchers disclosed multiple security vulnerabilities impacting CODESYS automation software and the WAGO programmable logic controller platform that could potentially be exploited remotely to take control of a company's entire cloud operational technology infrastructure.
The New York-headquartered industrial security company Claroty said in a report that the flaws can be turned "into innovative attacks that could put threat actors in position to remotely control a company's cloud OT implementation, and threaten any industrial process managed from the cloud." The company later added that the flaws "can be used to target a cloud-based management console from a compromised field device, or take over a company's cloud and attack PLCs and other devices to disrupt operations."
A total of seven critical vulnerabilities were reported:
CVE-2021-29238 - Cross-site request forgery in CODESYS Automation Server
CVE-2021-29240 - Insufficient Verification of Data Authenticity in CODESYS Package Manager
CVE-2021-29241 - Null pointer dereference in CODESYS V3 products containing the CmpGateway component
CVE-2021-34569 - WAGO PFC diagnostic tools – Out-of-bounds write
CVE-2021-34566 - WAGO PFC iocheckd service "I/O-Check" – Shared memory buffer overflow
CVE-2021-34567 - WAGO PFC iocheckd service "I/O-Check" – Out-of-bounds read
CVE-2021-34568 - WAGO PFC iocheckd service "I/O-Check" – Allocation of resources without limits