The global site of the UK's leading magazine for automation, motion engineering and power transmission
15 June, 2024

Twitter link

Microsoft discovers flaws that could affect 1,000s of PLCs

15 August, 2023

Cybersecurity researchers at Microsoft has discovered several “high severity” vulnerabilities in the software development kit (SDK) for the Codesys control platform which is used in around 1,000 automation devices, including PLCs from more than 500 manufacturers. Microsoft warns that exploitation of these vulnerabilities – which affect all versions of Codesys V3 before version – could put operational technology (OT) infrastructure at risk of denial-of-service (DoS) and remote code execution (RCE) attacks.

A DoS attack against a device using a vulnerable version of Codesys could allow the attackers to shut down plants, while remote code execution could create a backdoor allowing attackers to tamper with operations, causing PLCs to run in unusual ways, or to steal critical information.

Microsoft researchers reported their discovery of 15 vulnerabilities to the German-based Codesys organisation in September 2022 and worked closely with Codesys to help develop patches that Codesys released earlier this year. In a blog on its discovery, Microsoft “strongly” urges Codesys users to apply these updates as soon as possible.

It points out, however, that to exploit the vulnerabilities would require user authentication, as well as a deep knowledge of the Codesys V3 protocol and the structure of the services that the protocol uses.

Codesys is a vendor- and platform-independent development environment that helps automation device manufacturers to implement the IEC 61131-3 programming standard. It can be used to create both hardware- and software-based controllers.

For their research, the Microsoft analysts examined the structure and security of the Codesys protocol, focusing in particular on Schneider Electric’s Modicon TM251 and Wago’s PFC200 PLCs – both of which are Codesys-based.

As part of its research into Codesys vulnerabilities, Microsoft examined PLCs from Wago (left) and Schneider Electric

Other automation suppliers that use Codesys include ABB, Advantech, Bosch Rexroth, Delta Electronics, Eaton, Festo, Hitachi, ifm, Inovance, KEB, Lenze, NUM, Opto 22, Parker Hannifin, WEG and Weidmuller. There are reckoned to be more than 200,000 Codesys end-users worldwide, with several million Codesys devices in service.

Codesys has issued an advisory about the patches.

Microsoft Security:  Twitter  LinkedIn

Codesys:  LinkedIn

  • To view a digital copy of the latest issue of Drives & Controls, click here.

    To visit the digital library of past issues, click here

    To subscribe to the magazine, click here



"Do you think that robots create or destroy jobs?"



Most Read Articles