Many Critical Issues Newly Discovered in CODESYS Industrial Automation Software


21 July 2021, Kathmandu

Cybersecurity researchers on Wednesday disclosed multiple security vulnerabilities affecting the CODESYS automation software and the WAGO programmable logic controller (PLC) platform. These vulnerabilities can be remotely exploited to take control of a company’s operational technology (OT) infrastructure in the cloud.

These issues could be turned “into creative attacks which enable malicious actors to remotely control the enterprise’s cloud OT implementation as well as threaten any industrial process managed from the cloud,” New York-based industrial security company Claroty said in a report shared with The Hacker News, adding that “they can be used to target cloud-based management consoles from infected field devices, or to control the company’s cloud and attack PLCs and other devices to disrupt operations.”

CODESYS is a development environment for programming controller applications, which allows easy configuration of PLCs in industrial control systems. WAGO PFC100/200 is a series of PLCs that uses the CODESYS platform to program and configure the controller. Successful exploitation of the vulnerabilities may allow the installation of malicious CODESYS packages, resulting in a denial of service (DoS) condition, or escalation of privileges by executing malicious JavaScript code, or worse, tampering with or completely destroying the device.

In practice, this can happen in two ways: “bottom-up” or “top-down.” The two approaches mirror the paths an attacker might take: either controlling a PLC endpoint in order to ultimately compromise the cloud-based management console, or the reverse, controlling the cloud in order to manipulate all networked field devices. The complex “bottom-up” exploit chain designed by Claroty combines CVE-2021-34566, CVE-2021-34567, and CVE-2021-29238 to obtain remote code execution on the WAGO PLC, then accesses the CODESYS WebVisu human-machine interface and performs a cross-site request forgery (CSRF) attack to control the CODESYS automation server instance.

“A malicious actor who gets access to the PLC managed by the automated cloud server could modify the `webvisu.js` file and add JavaScript code to the end of the file. This code will send a malicious request to the cloud server on behalf of the connected cloud server,” explains Claroty Principal Investigator Uri Katz, who identified and reported these shortcomings.

“When a cloud user views a WebVisu page, the modified JavaScript will take advantage of the missing CSRF token and run in the context of the viewing user; the request will contain CAS cookies. Malicious actors could use it to POST to `/api/db/User` with a new administrator user, which would give them complete access to the CODESYS cloud platform,” added Katz.
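A defender-side check for the tampering Katz describes, as an added example that is not from Claroty, CODESYS or the original article: it compares a served `webvisu.js` with a known-good baseline and separates code appended to the end of the file from other changes. The function name `checkWebvisu`, the hint list and the sample file contents are assumptions constructed for illustration.

```javascript
// Added example: integrity check of a served webvisu.js against a known-good copy.
const nodeCrypto = require('crypto');
const sha256 = (buf) => nodeCrypto.createHash('sha256').update(buf).digest('hex');

// Strings suggesting script-initiated HTTP requests (heuristic list, an assumption).
const REQUEST_HINTS = ['XMLHttpRequest', 'fetch(', 'sendBeacon', '/api/'];

function checkWebvisu(baseline, deployed) {
  const base = Buffer.from(baseline);
  const live = Buffer.from(deployed);
  const result = {
    baselineSha256: sha256(base),
    deployedSha256: sha256(live),
    status: 'match',
    appendedBytes: 0,
    requestHints: [],
  };
  if (result.baselineSha256 === result.deployedSha256) return result;

  // Case from the article: the original file is intact and extra code follows it.
  if (live.length > base.length && live.subarray(0, base.length).equals(base)) {
    const tail = live.subarray(base.length).toString('utf8');
    result.appendedBytes = live.length - base.length;
    // Trailing whitespace alone (an editor-added newline) is benign drift.
    if (tail.trim() === '') { result.status = 'whitespace-only'; return result; }
    result.status = 'appended';
    result.requestHints = REQUEST_HINTS.filter((h) => tail.includes(h));
    return result;
  }
  // Any other difference: content inside the file was changed or truncated.
  result.status = 'modified';
  return result;
}

// Constructed sample input (not real CODESYS file contents).
const BASELINE = 'function initWebVisu(){ /* vendor code */ }\n';
const SAMPLES = {
  clean: BASELINE,
  newline: BASELINE + '\n',
  appended: BASELINE + 'fetch("/api/db/User",{method:"POST"});\n',
  edited: BASELINE.replace('vendor', 'other'),
};

for (const [name, body] of Object.entries(SAMPLES)) {
  const r = checkWebvisu(BASELINE, body);
  console.log(name, r.status, r.appendedBytes, r.requestHints.join(','));
}
```

An `appended` result with request hints is the pattern to escalate; `modified` means the file no longer starts with the baseline and needs a full diff.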

On the other hand, the “top-down” attack scenario involves deploying a malicious package (CVE-2021-29240) to compromise the CODESYS engineering station. The package is designed to leak the cloud credentials associated with an operator account, which are then used to manipulate the program logic and gain unrestricted access to all connected PLCs.

