"CODESYS is the leading manufacturer-independent IEC 61131-3 automation
software for engineering control systems."
The vendor provides patches. The vendors of products using the affected
software should provide new firmware versions immediately. Users of these
products should update their devices to those fixed firmware versions.
The CODESYS Control runtime system is the core of many PLCs. The runtime is
accepting TCP connections on a pre-configured port to connect to the
development system. By sending requests that define an invalid packet size,
a memory allocation error can be triggered. This leads to a denial of service
condition of the remote connectivity of the CODESYS service, which prevents
clients from connecting to the affected PLC.
CODESYS released a dedicated security note, which corresponds to this advisory:
Proof of concept
A detailed proof of concept will be made public after the affected product
vendors had time to provide new firmware versions.
Vulnerable / tested versions