Many Critical Issues Newly Discovered in CODESYS Industrial Automation Software


21 July 2021, Kathmandu

Cybersecurity researchers on Wednesday disclosed multiple security vulnerabilities affecting the CODESYS automation software and the WAGO Programmable Logic Controller (PLC) platform. These vulnerabilities can be remotely exploited to take control of a company’s cloud-based operational technology (OT) infrastructure.

“These issues could convert into creative attacks which enable malicious actors to remotely control the enterprise’s cloud OT implementation as well as threaten any industrial process managed from the cloud,” New York-based industrial security company Claroty said in a report shared with The Hacker News, adding that “they can be used to target cloud-based management consoles from infected field devices, or to control the company’s cloud and attack PLCs and other devices to disrupt operations.”

CODESYS is a development environment for programming controller applications, which allows easy configuration of PLCs in industrial control systems. WAGO PFC100/200 is a series of PLCs that use the CODESYS platform to program and configure the controllers. Successful exploitation of the vulnerabilities may allow the installation of malicious CODESYS packages, resulting in a denial of service (DoS) condition, or escalation of privileges by executing malicious JavaScript code, or worse, tampering with or completely destroying the device.

In practice, this can happen in two ways: “bottom-up” or “top-down.” These two methods mirror the paths that an attacker might take: either controlling the PLC endpoints in order to ultimately compromise the cloud-based management console, or, in reverse, controlling the cloud in order to manipulate all networked field devices. In the complex “bottom-up” exploit chain designed by Claroty, a combination of CVE-2021-34566, CVE-2021-34567, and CVE-2021-29238 is used to obtain remote code execution on the WAGO PLC, and then to access the CODESYS WebVisu human-machine interface and perform a cross-site request forgery (CSRF) attack to take control of the CODESYS automation server instance.

“A malicious actor who gets access to the PLC managed by the automated cloud server could modify the `webvisu.js` file and add the JavaScript code to the end of the file. This code will send a malicious request to the cloud server on behalf of the connected cloud server,” explains Claroty Principal Investigator Uri Katz, who identified and reported these shortcomings.

“When a cloud user views a WebVisu page, the modified JavaScript will take advantage of the missing CSRF token and run in the context of the viewing user; the request will contain CAS cookies. Malicious actors could use it to POST to `/api/db/User` with a new administrator user, which would give them complete access to the CODESYS cloud platform,” added Katz.

The alternative “top-down” attack scenario, on the other hand, involves deploying a malicious package (CVE-2021-29240) to compromise the CODESYS engineering station. The package is designed to leak the cloud credentials associated with an operator account, which are then used to manipulate the program logic and gain unrestricted access to all connected PLCs.
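A defender-side check for the `webvisu.js` tampering Katz describes above, as an added example that is not from Claroty or CODESYS: it compares a deployed copy against a known-good baseline and reports any tail appended to the end of the file. The function name, the indicator list and the sample bytes are constructed for illustration.

```python
import hashlib

# Strings worth flagging in an appended tail. "/api/db/User" is the endpoint
# named in the article; the other two are standard browser request APIs.
SUSPICIOUS = (b"/api/db/User", b"XMLHttpRequest", b"fetch(")


def check_webvisu(baseline: bytes, deployed: bytes) -> dict:
    """Classify a deployed webvisu.js against a known-good baseline copy."""
    result = {
        "status": "clean",
        "sha256": hashlib.sha256(deployed).hexdigest(),
        "tail": b"",
        "indicators": [],
    }
    if deployed == baseline:
        return result
    # Compare without trailing whitespace so a stray newline is not
    # reported as appended code.
    base = baseline.rstrip()
    if deployed.rstrip() == base:
        result["status"] = "whitespace_only"
    elif deployed.startswith(base):
        # Baseline is intact and something follows it: the pattern described
        # in the article (code added to the end of the file).
        tail = deployed[len(base):].strip()
        result["status"] = "appended"
        result["tail"] = tail
        result["indicators"] = [s.decode() for s in SUSPICIOUS if s in tail]
    else:
        # Content changed inside the vendor code itself.
        result["status"] = "modified"
    return result


# Constructed sample data, not real vendor code.
BASELINE = b"function startWebVisu() { /* vendor code */ }\n"
TAMPERED = BASELINE + b"\n/* constructed tail */ sendTo('/api/db/User');\n"

if __name__ == "__main__":
    report = check_webvisu(BASELINE, TAMPERED)
    print(report["status"], report["indicators"], report["sha256"])
```

The baseline should come from the vendor package or a trusted build, not from the device being checked.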

