CVE-2025-1468 Overview
CVE-2025-1468 is an information disclosure vulnerability affecting the CODESYS OPC UA Server when configured with the non-default Basic128Rsa15 security policy. An unauthenticated remote attacker can exploit the flaw over the network to recover sensitive information, including authentication credentials transmitted to or processed by the server.
The issue is tracked under CWE-203: Observable Discrepancy, indicating that the server exposes side-channel information allowing attackers to infer secret values. CODESYS-based controllers are widely deployed across industrial automation, manufacturing, and critical infrastructure environments, making credential exposure on these systems a meaningful operational risk.
Critical Impact
Unauthenticated network attackers can extract authentication information from CODESYS OPC UA Server deployments using the Basic128Rsa15 security policy.
Affected Products
- CODESYS OPC UA Server (configurations using the Basic128Rsa15 security policy)
- CODESYS Control runtime systems exposing OPC UA Server functionality
- Industrial controllers and PLCs running CODESYS components with OPC UA enabled
Discovery Timeline
- 2025-03-18 - CVE CVE-2025-1468 published to NVD
- 2026-04-15 - Last updated in NVD database
Technical Details for CVE-2025-1468
Vulnerability Analysis
The vulnerability resides in the CODESYS OPC UA Server when operators select the Basic128Rsa15 security policy. This policy uses RSA with PKCS#1 v1.5 padding, a scheme long known to be susceptible to padding oracle attacks such as the Bleichenbacher attack. Under [CWE-203], discrepancies in server responses or processing time leak information about the cryptographic operation.
Attackers do not need credentials or user interaction to exploit the flaw. By submitting crafted OPC UA messages and observing differences in server behavior, an attacker can progressively recover plaintext, including session keys or authentication material exchanged during the secure channel handshake. The impact is limited to confidentiality; integrity and availability are not directly affected.
Root Cause
The root cause is reliance on the deprecated Basic128Rsa15 security policy, which the OPC Foundation itself has marked as obsolete due to known weaknesses in RSA PKCS#1 v1.5 key transport. Observable discrepancies in how the server handles malformed or specially crafted ciphertexts allow an attacker to act as an oracle and reconstruct sensitive values without needing to break RSA directly.
Attack Vector
Exploitation requires network reachability to the OPC UA Server endpoint, typically TCP port 4840. The attacker initiates connections using the Basic128Rsa15 policy and submits a sequence of crafted OpenSecureChannel requests. Variations in server responses reveal whether each guess yields valid PKCS#1 padding, enabling iterative recovery of authentication data. No prior authentication, privileges, or user interaction are required. Refer to the VDE Security Advisory VDE-2025-022 for vendor-specific technical details.
Detection Methods for CVE-2025-1468
Indicators of Compromise
- High volumes of OpenSecureChannel requests from a single source against OPC UA endpoints on port 4840.
- Repeated connection attempts negotiating the Basic128Rsa15 security policy, particularly from non-engineering hosts.
- Sequences of malformed or invalid encrypted requests followed by error responses, consistent with padding oracle probing.
Detection Strategies
- Inspect OPC UA traffic for clients explicitly requesting the Basic128Rsa15 policy URI and alert when modern clients should be using Basic256Sha256 or stronger.
- Correlate volumetric anomalies in OPC UA handshakes against baselines for each PLC or controller.
- Use industrial protocol-aware monitoring (for example Zeek or commercial OT IDS) to flag iterative cryptographic error patterns.
Monitoring Recommendations
- Enable verbose logging on CODESYS OPC UA Server endpoints and forward logs to a central SIEM for retention and analysis.
- Track authentication failures and secure channel errors per source IP, alerting when thresholds exceed normal operator activity.
- Continuously inventory OPC UA endpoints and the security policies they advertise, prioritizing those still offering Basic128Rsa15.
How to Mitigate CVE-2025-1468
Immediate Actions Required
- Disable the Basic128Rsa15 security policy on every CODESYS OPC UA Server endpoint and require Basic256Sha256 or stronger.
- Restrict network reachability of OPC UA Server endpoints to engineering workstations and trusted SCADA hosts using firewall rules or network segmentation.
- Rotate any credentials, certificates, or session keys that may have been exposed on systems where Basic128Rsa15 was previously enabled.
- Apply vendor-supplied updates as referenced in VDE Security Advisory VDE-2025-022.
Patch Information
CODESYS has published remediation guidance through the VDE CERT advisory. Operators should consult VDE-2025-022 for the list of fixed product versions and upgrade their CODESYS Control runtime and OPC UA Server components accordingly.
Workarounds
- Configure the OPC UA Server to advertise only modern security policies such as Basic256Sha256 and reject Basic128Rsa15 connections.
- Place affected controllers behind an OT firewall or data diode and limit OPC UA access to authenticated, allowlisted clients only.
- Where the OPC UA Server is not required, disable the service on the controller until patched.
# Configuration example: restrict OPC UA Server traffic to trusted SCADA host
# Replace 10.10.5.20 with the authorized engineering workstation
iptables -A INPUT -p tcp --dport 4840 -s 10.10.5.20 -j ACCEPT
iptables -A INPUT -p tcp --dport 4840 -j DROP
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
