16 New CODESYS SDK Flaws Expose OT Environments to Remote Attacks

By THN

A set of 16 high-severity security flaws have been disclosed in the CODESYS V3 software development kit (SDK) that could result in remote code execution and denial-of-service under specific conditions, posing risks to operational technology (OT) environments. The flaws, tracked from CVE-2022-47378 through CVE-2022-47393 and dubbed CoDe16, carry a CVSS score of 8.8 with the exception of CVE-2022-

Related tags
August 11^th 2023 at 05:20

The Hacker News
Critical Security Flaws Identified in CODESYS ICS Automation Software
June 27^th 2022 at 10:35

Critical Security Flaws Identified in CODESYS ICS Automation Software

By Ravie Lakshmanan

CODESYS has released patches to address as many as 11 security flaws that, if successfully exploited, could result in information disclosure and a denial-of-service (DoS) condition, among others. "These vulnerabilities are simple to exploit, and they can be successfully exploited to cause consequences such as sensitive information leakage, PLCs entering a severe fault state, and arbitrary code

Related tags
June 27^th 2022 at 10:35