CoDeSys is a third-party product used on programmable logic controllers (PLCs) and engineering workstations. According to this report, an attacker can upload configuration changes to the PLC without authentication, and those changes may include arbitrary code. This report was released by Reid Wightman of Digital Bond (now with IOActive), without coordination with either the vendor or ICS-CERT.
ICS-CERT has notified the affected vendor of the report and has asked the vendor to confirm the vulnerabilities and identify mitigations. ICS-CERT is issuing this alert to provide early notice of the report and to identify baseline mitigations for reducing the risk from these and other cybersecurity attacks.
New Project Basecamp Tools for CoDeSys, 200+ Vendors Affected
A large number of renowned companies, mostly manufacturers of automation hardware, use CoDeSys and its derivatives for their systems. In the list below you will surely find some you already know or even work with.