Security analysis of legacy programming environments reveals critical flaws

Conducted jointly with Politecnico di Milano, the research details how design flaws in legacy programming languages could lead to vulnerable automation programs.
Legacy proprietary programming languages such as RAPID, KRL, AS, PDL2, and PacScript were designed without an active attacker model in mind.
Vulnerabilities in the automation programs written in these proprietary languages are not the only concern: using one of the legacy programming languages as an example, the researchers also demonstrate how a new kind of self-propagating malware could be created.
"Most industrial robots are designed for isolated production networks and use legacy programming languages," said Christoph Hellmann, Program Manager, ROS-Industrial Consortium Europe.
As a result of this research, security-sensitive features were identified in the eight most popular industrial robotic programming platforms, and a total of 40 instances of vulnerable open source code were found.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/H4UTFCTJBiI/