Researchers have revealed information about three new security flaws that affect CODESYS and Festo operational technology (OT) products and could result in source code modification and denial-of-service attacks (DoS).
The flaws, which were discovered by Forescout Vedere Labs, are the most recent in a long line of others that have been tracked as OT:ICEFALL. The researchers stated that these problems “exemplify either an insecure-by-design approach—which was typical at the time the products were launched—where manufacturers include dangerous functions that can be accessed without authentication or a subpar implementation of security controls, such as cryptography.”
Also Read: Analyzing CISA’s Cross-Industries Cybersecurity Performance Objectives
Organizations are advised to identify and inventory vulnerable devices and implement suitable network segmentation controls in order to reduce potential threats.
Read More: 3 New Vulnerabilities Affect OT Products from German Companies Festo and CODESYS
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.
