A collection of 16 high-severity security vulnerabilities, collectively named CoDe16, has been disclosed in the CODESYS V3 software development kit (SDK), potentially leading to remote code execution and denial-of-service scenarios in operational technology (OT) environments.
Ranging from CVE-2022-47378 to CVE-2022-47393, these flaws carry a CVSS score of 8.8, with one exception rated at 7.5, and include a dozen buffer overflow vulnerabilities. Vladimir Tokarev from the Microsoft Threat Intelligence Community emphasized that these vulnerabilities, which affect CODESYS V3 versions up to 3.5.19.0, pose significant risks to OT infrastructure, potentially enabling remote code execution and denial-of-service attacks.
While exploiting these flaws demands user authentication and an understanding of CODESYS V3's proprietary protocol, the consequences could be severe, including shutdowns and malicious tampering with critical automation processes.
Among these vulnerabilities, the remote code execution flaws could be used to compromise OT devices, particularly programmable logic controllers (PLCs), which could lead to information theft and unauthorized control. Although exploitation requires user authentication, Tokarev noted that leveraging a known vulnerability (CVE-2019-9013) in a replay attack against the PLC, alongside exploiting the flaws to trigger buffer overflows, could enable unauthorized access.
Patches addressing these vulnerabilities were released in April 2023. Examples of the vulnerabilities include CVE-2022-47378, which could lead to a denial-of-service condition; CVE-2022-47379, which involves memory overwriting; and CVE-2022-47385, which poses a potential denial-of-service situation.
Because CODESYS is widely employed by various vendors, these vulnerabilities could affect multiple sectors and device types, prompting concerns that attackers could launch denial-of-service attacks or exploit the remote code execution vulnerabilities to compromise sensitive data, interfere with operations, or manipulate PLCs in hazardous ways.