3 New Vulnerabilities Affect OT Products from German Festo and CODESYS Companies

by admin 0 Comments

News
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn

Researchers have disclosed details of three new security vulnerabilities affecting operational technology (OT) products from CODESYS and Festo that could lead to source code tampering and denial-of-service (DoS).

The vulnerabilities, reported by Forescout Vedere Labs, are the latest in a long list of flaws collectively tracked under the name OT:ICEFALL.

“These issues exemplify either an insecure-by-design approach — which was usual at the time the products were launched – where manufacturers include dangerous functions that can be accessed with no authentication or a subpar implementation of security controls, such as cryptography,” the researchers said.

CyberSecurity

The most critical of the flaws is CVE-2022-3270 (CVSS score: 9.8), a critical vulnerability that affects Festo automation controllers using the Festo Generic Multicast (FGMC) protocol to reboot the devices without requiring any authentication and cause a denial of service (DoS) condition.

Another DoS shortcoming in Festo controllers (CVE-2022-3079, CVSS score: 7.5) relates to a case of unauthenticated, remote access to an undocumented web page (“cec-reboot.php”) that could be exploited by an attacker with network access to Festo CPX-CEC-C1 and CPX-CMXX PLCs.

OT vulnerabilities

The third issue, on the other hand, concerns the use of weak cryptography in the CODESYS V3 runtime environment to secure download code and boot applications (CVE-2022-4048, CVSS score: 7.7), which could be abused by a bad actor to decrypt and manipulate the source code, thereby undermining confidentiality and integrity protections.

Forescout said it also identified two known CODESYS bugs impacting Festo CPX-CEC-C1 controllers (CVE-2022-31806 and CVE-2022-22515) that stem from an unsafe configuration in the Control runtime environment, and could lead to a denial-of-service sans authentication.

“This is yet another example of a supply chain issue where a vulnerability has not been disclosed for all the products it affects,” the researchers said.

To mitigate potential threats, organizations are recommended to discover and inventory vulnerable devices, enforce appropriate network segmentation controls, and monitor network traffic for anomalous activity.

This article was originally published by Thehackernews.com. Read the original article here.
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn

Products You May Like

Articles You May Like

How to talk about climate change – and what motivates people to action: An interview with Katharine Hayhoe
The hacker’s toolkit: 4 gadgets that could spell security trouble
How to inspire the next generation of scientists | Unlocked 403: Cybersecurity podcast
The Fundamentals of Cloud Security Stress Testing
It’s a wrap! RSA Conference 2024 highlights – Week in security with Tony Anscombe

Leave a Reply

Your email address will not be published. Required fields are marked *