A string of vulnerabilities in this runtime allows remote execution with low complexity.
Vendor recommendations include: users:
- apply patches
- restrict or block access on TCP 1131 and TCP 1132
- limit user/service account access to Runtime’s folder
Codesys automation software gets 10 out of 10 severity rating for 6 new vulnerabilities:
- CVE-2021-30189 – Stack-based Buffer Overflow
- CVE-2021-30190 – Improper Access Control
- CVE-2021-30191 – Buffer Copy without Checking Size of Input
- CVE-2021-30192 – Improperly Implemented Security Check
- CVE-2021-30193 – Out-of-bounds Write
- CVE-2021-30194 – Out-of-bounds Read
Siemens has released patches / workarounds for critical memory protection bypass vulnerabilities in S7-1200 and S7-1500 products.
Vendor recommended mitigations as follows:
- Password protect S7 comms
- Disallow client connections
- Restrict access from the S7-1500 display
- Apply physical security, network zoning etc.
- Update to TIA v17 and enable TLS