Cybersecurity and Codesys vulnerability – Are you aware of risks?

With the world of IOT opening up machines that were once on closed networks to the big wide world all of a sudden cyber security has become an important consideration in environments that didn’t need to look at it before.

If you have a system that uses Codesys, a vulnerability has been discovered that could put devices at risk.

What could somebody do?

This vulnerability is related to the programming port of the device allowing access of control over the device. This would then allow hacker to change the device and add a new program to your devices. It can also access the plc shell allowing for file access like a command prompt allowing them to pull files off the device which could be a risk depending on what is stored on the device.

What does this mean? In short, if somebody had sufficient access, they could change the core programming of the machine.

How do work out if I am vulnerable?
The way for your business to check for such a vulnerability is quite simple as it can be picked up by software that does security checks for things like firewalls and open network ports.

The Network port that causes the vulnerability is on port 1200 and will mention the fact that it is unencrypted

How do I fix it
This vulnerability has been a known issue for a while and while Codesys have created a solution to fix it, many do not implement the change to make the port secure.

It is also relevant to both versions of Codesys 2.3 and 3.5 have this issue but both have different solution. If you want help with learn what you need to do or have other Codesys question call us.

What situations mean I do not have to do this?
The main reason behind not many people using this solution is due to the nature of designing industrial network, which usually keep them off the greater network of a business and only have one point of access which typically needed a physical connection.

Futureproofing your setup
Now with IOT and data collection being on the rise as a focus point for many businesses this issue now becomes a lot more of relevant than before.

Cybersecurity is becoming more and more important for machinery. As systems evolve and remote monitoring is more common there will be a liability to consider to ensure the safety of the public and the teams in companies. Ensuring that your business is safe from dangerous people accessing things they should not is part of the new paradigm of the modern factory.

This is especially true when the solution to fix it is simple to implement into most devices.

We’ll be posting in the coming weeks about how new automation techniques can significantly reduce costs but come with new considerations like security.