Cybersecurity researchers on Wednesday disclosed multiple security vulnerabilities impacting CODESYS automation software and the WAGO programmable logic controller (PLC) platform. The flaws can be turned “into innovative attacks that could put threat actors in position to remotely control a company’s cloud OT implementation, and threaten any industrial process managed from the cloud,” the New York-headquartered industrial security company Claroty said in a report shared with The Hacker News. The list of seven vulnerabilities is listed below. Successful exploitation of the flaws could enable the installation of malicious packages, result in a denial-of-service (DoS) condition, or lead to privilege escalation.
Source: https://thehackernews.com/2021/07/several-new-critical-flaws-affect.html