Researchers at Nozomi Networks Labs have uncovered three vulnerabilities in CODESYS Control, a widely used industrial PLC platform, that attackers can chain together to replace legitimate control applications with backdoored versions — ultimately gaining full admin access.
The flaws affect water treatment plants, energy grids, and manufacturing lines. An attacker with valid credentials can steal cryptographic keys, tamper with the boot application, and achieve root execution on restart.
CODESYS has patched all three issues in Runtime version 4.21.0.0 and now enforces mandatory code signing by default. Admins should update immediately and tighten network segmentation.
Source: Cybersecurity News