Security News > 2023 > August > 16 New CODESYS SDK Flaws Expose OT Environments to Remote Attacks

A set of 15 high-severity security flaws have been disclosed in the CODESYS V3 software development kit that could result in remote code execution and denial-of-service under specific conditions, posing risks to operational technology environments.

"Exploitation of the discovered vulnerabilities, which affect all versions of CODESYS V3 prior to version 3.5.19.0, could put operational technology infrastructure at risk of attacks, such as remote code execution and denial-of-service," Vladimir Tokarev of the Microsoft Threat Intelligence Community said in a report.

The remote code execution bugs, in particular, could be abused to backdoor OT devices and interfere with the functioning of programmable logic controllers in a manner that could pave the way for information theft.

CVE-2022-47379 - After successful authentication, specific crafted communication requests can cause the CmpApp component to write attacker-controlled data to memory, which can lead to a denial-of-service condition, memory overwriting, or remote code execution.

CVE-2022-47382, CVE-2022-47383, CVE-2022-47384, CVE-2022-47386, CVE-2022-47387, CVE-2022-47388, CVE-2022-47389, and CVE-2022-47390 - After successful authentication, specific crafted communication requests can cause the CmpTraceMgr component to write attacker-controlled data to stack, which can lead to a denial-of-service condition, memory overwriting, or remote code execution.

CVE-2022-47385 - After successful authentication, specific crafted communication requests can cause the CmpAppForce component to write attacker-controlled data to stack, which can lead to a denial-of-service condition, memory overwriting, or remote code execution.

News URL

https://thehackernews.com/2023/08/15-new-codesys-sdk-flaws-expose-ot.html