The digital threat landscape is evolving rapidly – making precise and reliable information more important than ever. On this page, we provide you with up-to-date security advisories so you can identify emerging risks at an early stage and take appropriate action.
In this way, we support you in continuously protecting your systems and maintaining your infrastructure at a consistently high level of security.
Security Advisories
CODESYS
Employees from Qualys Inc. and Tenable Network Security, USA, detected a leak in the well-known software CODESYS V2.3. We also use CODESYS 2.3.9.38 in our IEC 61131-3 tool codeIT, but our systems are not affected when using the appropriate security settings.
Meltdown and Spectre
Modern CPUs use speculative execution for higher performance, but this technique opened serious security vulnerabilities known as Meltdown and Spectre, allowing unauthorized access to sensitive memory. While many processors are affected, system-level protections and our strictly verified software significantly reduce any risk, and series5/series5+ CPUs are not impacted.
Compromised website
US-CERT and CISA reported a vulnerability in the web server of discontinued series5 stations using the old eco920 CPU. If the web interface is enabled, attackers could exploit command processing errors to access or manipulate the system. Newer series5+ and series5e devices are not affected, and disabling the web server fully removes the risk. Upgrading older stations is recommended if the web server is still in use.