CoDeSys, Wago Vulnerabilities

Monday, April 9, 2012 @ 11:04 AM gHale


Public reports are out showing an improper access control vulnerability affecting 3S-Software CoDeSys, which also allows for multiple vulnerabilities affecting the WAGO IPC 758-870, an embedded Linux programmable logic controller (PLC).

An attacker could exploit these vulnerabilities to gain unauthorized access or to make unauthenticated configuration changes, which may include arbitrary code, according to a report on ICS-CERT.

RELATED STORIES
ABB WebWare Server Vulnerability
Wonderware Fixes Security Holes
Rockwell Patches FactoryTalk
Ecava Patches IntegraXor Vulnerability

The improper access control vulnerability ended up released by Reid Wightman of Digital Bond, without coordination with either the vendor or ICS-CERT.

The vendors are aware of the report and they are confirming the vulnerabilities and will release any mitigations.

With CoDeSys, a third party product used on PLCs and engineering workstations, the following is remotely exploitable: Improper access control that could lead to a loss of integrity.

The Wago report showed the following remotely exploitable vulnerabilities: Use of hard-coded password that could lead to loss of integrity, and an improper access control that could lead to loss of integrity, possible arbitrary code execution



Leave a Reply

You must be logged in to post a comment.