The NCCIC has published an advisory on use of insufficiently random values and improper restriction of communication channel to intended endpoints vulnerabilities in 3S-Smart Software Solutions GmbH CODESYS V3 products. Numerous products and versions of these products are affected. Successful exploitation of these vulnerabilities could allow a remote attacker to disguise the source of malicious communication packets and also exploit a random values weakness affecting confidentiality and integrity of data stored on the device. 3-S Smart Software Solutions GmbH has released a new version of the software. The NCCIC also advises on a series of mitigating measures for these vulnerabilities. NCCIC/ICS-CERT.