Six critical vulnerabilities have been discovered in a third-party software component powering various industrial systems. Remote, unauthenticated attackers can exploit the flaws to launch various malicious attacks including deploying ransomware, shutting down or even taking over critical systems. The flaws exist in CodeMeter, owned by Wibu-Systems, a software management component that s licensed by many of the top industrial control system (ICS) software vendors. Affected vendors like Rockwell Automation and Siemens have released their own security advisories, but researchers warn that many users may be unaware of the flaws.
Source: https://threatpost.com/severe-industrial-bugs-takeover-critical-systems/159068/