CVE-2022-31806
Insecure default settings in CODESYS Runtime Toolkit 32 bit full and CODESYS PLCWinNT
In short
CODESYS V2 PLCWinNT and Runtime Toolkit 32 ship without password protection enabled by default, allowing anyone with access to the system to control industrial equipment without authentication. This is critical because it leaves industrial control systems completely unprotected from unauthorized access.
Technical detail
The vulnerability exists in CODESYS V2 versions prior to V2.4.7.57 where authentication is not enforced by default and no warning is presented to users when a controller lacks a configured password. An unauthenticated attacker with local or network access to the affected system can directly interact with the runtime without credentials, bypassing the intended access control mechanism.
Summary generated and translated by AI from the official description.
In CODESYS V2 PLCWinNT and Runtime Toolkit 32 in versions prior to V2.4.7.57 password protection is not enabled by default and there is no information or prompt to enable password protection at login in case no password is set at the controller.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →