CODESYS Vulnerabilities in Festo Automation Suite
🚨 Attention all users! The following versions of CODESYS in Festo Automation Suite are affected:
- FESTO Software Festo Automation Suite (versions prior to 2.8.0.138) installed with CODESYS Software CODESYS Development System (3.0)
- FESTO Software Festo Automation Suite (versions prior to 2.8.0.138) installed with CODESYS Software CODESYS Development System (3.5.16.10)
- FESTO Software Festo Automation Suite (2.8.0.137) installed with CODESYS Software CODESYS Development System (3.0)
- FESTO Software Festo Automation Suite (2.8.0.137) installed with CODESYS Software CODESYS Development System (3.5.16.10)
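An inventory check against the affected-version list above, as an added example (not code from the advisory or from Festo): it compares versions numerically rather than as strings and flags hosts whose Festo Automation Suite build is earlier than 2.8.0.138 and whose bundled CODESYS Development System is one of the two versions named. Host names and versions in `SAMPLE_INVENTORY` are constructed sample data.

```python
"""Inventory check against the affected-version list (added example, not code
from the advisory or from Festo; SAMPLE_INVENTORY is constructed sample data)."""
from typing import NamedTuple

FIXED_FAS_VERSION = "2.8.0.138"                 # first release not listed as affected
LISTED_CODESYS_VERSIONS = ("3.0", "3.5.16.10")  # CODESYS Development System versions named above


def parse_version(text: str) -> tuple[int, ...]:
    """'2.8.0.137' -> (2, 8, 0, 137); numeric so '2.8.0.9' sorts below '2.8.0.138'."""
    return tuple(int(part) for part in text.strip().split("."))


def same_version(a: tuple[int, ...], b: tuple[int, ...]) -> bool:
    """Equality that treats missing trailing components as zero ('3.0' == '3.0.0')."""
    width = max(len(a), len(b))
    return a + (0,) * (width - len(a)) == b + (0,) * (width - len(b))


def is_affected(fas_version: str, codesys_version: str) -> bool:
    """True when the host matches one of the affected combinations listed above."""
    fas_old = parse_version(fas_version) < parse_version(FIXED_FAS_VERSION)
    codesys_listed = any(same_version(parse_version(codesys_version), parse_version(v))
                         for v in LISTED_CODESYS_VERSIONS)
    return fas_old and codesys_listed


class Host(NamedTuple):
    name: str
    fas_version: str
    codesys_version: str


SAMPLE_INVENTORY = [  # constructed, not real assets
    Host("eng-ws-01", "2.8.0.137", "3.5.16.10"),  # listed combination
    Host("eng-ws-02", "2.8.0.9", "3.0.0"),        # older build; a string compare would miss it
    Host("eng-ws-03", "2.8.0.138", "3.5.16.10"),  # fixed build
    Host("eng-ws-04", "2.7.1.50", "3.5.19.0"),    # CODESYS version not named in the advisory
]


def affected_hosts(inventory: list[Host]) -> list[str]:
    """Names of hosts that need the 2.8.0.138 update or compensating controls."""
    return [h.name for h in inventory if is_affected(h.fas_version, h.codesys_version)]


if __name__ == "__main__":
    for name in affected_hosts(SAMPLE_INVENTORY):
        print(f"{name}: affected, update Festo Automation Suite to {FIXED_FAS_VERSION} or later")
```

Hosts with an older suite but a CODESYS version the advisory does not name (like `eng-ws-04`) are not flagged; treat them as "review", not as cleared.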
These vulnerabilities impact Critical Infrastructure Sectors, specifically Critical Manufacturing, with deployments worldwide. Festo, the vendor of Festo Automation Suite, is headquartered in Germany. CERT@VDE reported these vulnerabilities to Festo. No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time.
CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:
- Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
- Locate control system networks and remote devices behind firewalls and isolate them from business networks.
- When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize that VPNs may have vulnerabilities and should be updated to the most recent version available.
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. Additionally, CISA provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
For more detailed guidance, please refer to the technical information paper ICS-TIP-12-146-01B, Targeted Cyber Intrusion Detection and Mitigation Strategies. Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.