Explore a critical Black Hat conference talk unveiling "CoDe16," a set of 16 zero-day vulnerabilities discovered in the CODESYS framework. Delve into the widespread impact of these vulnerabilities on Operational Technology across various industries, including factory automation, energy, mobile, building, and embedded systems. Learn how these security flaws affect millions of devices globally, supported by over 500 manufacturers such as Schneider Electric, Beckhoff, Wago, Eaton, ABB, and Festo. Gain insights into the potential risks associated with these vulnerabilities and their implications for remote code execution on industrial devices spanning multiple architectures like MIPS, Renesas, ARM, PowerPC, and TriCore. Presented by Vladimir Eliezer Tokarev, this 34-minute talk provides essential knowledge for cybersecurity professionals, industrial system operators, and anyone involved in securing critical infrastructure.
16 Zero-Day Vulnerabilities Affecting CODESYS Framework Leading to Remote Code Execution
Overview
Syllabus
CoDe16; 16 Zero-Day Vulnerabilities Affecting CODESYS Framework Leading to Remote Code Execution
Taught by
Black Hat
Related Courses
-
In-Field Emulation and Fuzzing of PLCs to Uncover the Next Zero-Day Threat in Industrial Control Systems
-
Zero Days, Thousands of Nights - The Life & Times of Zero-Day Vulnerabilities and Their Exploits
-
Prototype Pollution Leading to Remote Code Execution in NodeJS
-
Leveraging HTTP Request Smuggling for Authentication Bypass and Remote Code Execution
-
Huawei - From China with Love
-
Exploring and Exploiting Zero-Click Remote Interfaces of Modern Huawei Smartphones
