June 11, 2023

Cybersecurity disclosed as many as ten critical vulnerabilities impacting CODESYS automation software that could be exploited to remote code execution on programmable logic controllers (PLCs). To exploit this only network access is enough

The vulnerabilities on a PLC offered by WAGO, which, among other automation technology companies such as Beckhoff, Kontron, Moeller, Festo, Mitsubishi, and HollySys, use CODESYS software for programming and configuring the controllers. CODESYS offers a development environment for programming controller applications for use in industrial control systems.

Six of the most severe flaws were identified in the CODESYS V2.3 web server component used by CODESYS WebVisu to visualize a human-machine interface in a web browser. The vulnerabilities could potentially be leveraged by an adversary to send specially-crafted web server requests to trigger a denial-of-service condition, write or read arbitrary code to and from a control runtime system’s memory, and even crash the CODESYS web server.

All the six bugs have been rated 10 out of 10 on the CVSS scale —

  • CVE-2021-30189 – Stack-based Buffer Overflow
  • CVE-2021-30190 – Improper Access Control
  • CVE-2021-30191 – Buffer Copy without Checking Size of Input
  • CVE-2021-30192 – Improperly Implemented Security Check
  • CVE-2021-30193 – Out-of-bounds Write
  • CVE-2021-30194 – Out-of-bounds Read

The below 3 has CVSS Score of 8.0

  • CVE-2021-30186 – Heap-based Buffer Overflow
  • CVE-2021-30188 – Stack-based Buffer Overflow
  • CVE-2021-30195 – Improper Input Validation

A flaw found in the CODESYS Control V2 Linux SysFile library (CVE-2021-30187, CVSS score: 5.3) could be used to call additional PLC functions, in turn allowing a bad actor to delete files and disrupt critical processes.null

An attacker with low skills would be able to exploit these vulnerabilities, CODESYS cautioned in its advisory, adding it found no known public exploits that specifically target them.

Their exploitation can lead to remote command execution on PLC, which may disrupt technological processes and cause industrial accidents and economic losses.

1 thought on “Critical Flaws in CODESYS

Leave a Reply

%d bloggers like this: