Public reports are out showing an improper access control vulnerability affecting 3S-Software CoDeSys, which also allows for multiple vulnerabilities affecting the WAGO IPC 758-870, an embedded Linux programmable logic controller (PLC).
An attacker could exploit these vulnerabilities to gain unauthorized access or to make unauthenticated configuration changes, which may include arbitrary code, according to a report on ICS-CERT.
The improper access control vulnerability ended up released by Reid Wightman of Digital Bond, without coordination with either the vendor or ICS-CERT.
The vendors are aware of the report and they are confirming the vulnerabilities and will release any mitigations.
With CoDeSys, a third party product used on PLCs and engineering workstations, the following is remotely exploitable: Improper access control that could lead to a loss of integrity.
The Wago report showed the following remotely exploitable vulnerabilities: Use of hard-coded password that could lead to loss of integrity, and an improper access control that could lead to loss of integrity, possible arbitrary code execution