Microsoft researchers have identified over a dozen vulnerabilities in Codesys products, used in industrial control systems (ICS). These vulnerabilities, assigned high severity ratings, were found in Codesys Control V3 versions prior to 3.5.19.0. Exploitation could lead to denial-of-service attacks or remote code execution, potentially affecting industrial operations or data theft. While requiring authentication for exploitation, the researchers noted that older Codesys flaws could facilitate this. Microsoft has provided an open-source tool to identify affected devices, and Codesys has issued an advisory on the vulnerabilities. These findings were presented at the Black Hat cybersecurity conference by Microsoft researcher Vladimir Tokarev.