Action not permitted
Modal body text goes here.
Modal Title
Modal Body
wid-sec-w-2024-0943
Vulnerability from csaf_certbund
Published
2024-04-21 22:00
Modified
2025-01-07 23:00
Summary
CODESYS: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
CODESYS ist eine herstellerunabhängige Automatisierungssoftware für die Entwicklung von Steuerungsanwendungen in der industriellen Automatisierung.
Angriff
Ein Angreifer kann mehrere Schwachstellen in CODESYS ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder einen Brute-Force-Angriff durchzuführen.
Betroffene Betriebssysteme
- Sonstiges
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "CODESYS ist eine herstellerunabhängige Automatisierungssoftware für die Entwicklung von Steuerungsanwendungen in der industriellen Automatisierung.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein Angreifer kann mehrere Schwachstellen in CODESYS ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder einen Brute-Force-Angriff durchzuführen.", title: "Angriff", }, { category: "general", text: "- Sonstiges", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2024-0943 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0943.json", }, { category: "self", summary: "WID-SEC-2024-0943 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0943", }, { category: "external", summary: "CODESYS Advisory vom 2023-06-27", url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17090&token=6cd08b169916366df31388d2e7ba58e7bce93508&download=", }, { category: "external", summary: "CODESYS Advisory vom 2023-04-03", url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17555&token=212fc7e39bdd260cab6d6ca84333d42f50bcb3da&download=", }, { category: "external", summary: "CODESYS Advisory vom 2023-03-08", url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17764&token=4b2f3cf3a800d076b22f18d49f278bd8883dbd46&download=", }, { category: "external", summary: "CODESYS Advisory vom 2023-10-31", url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17765&token=04e117e1408fdb8e02b4bc821aa3be819668aef4&download=", }, { category: "external", summary: "CODESYS Advisory vom 2023-08-03", url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17766&token=667d36292e99e6f6b7eb8c0b4a86d27137c31f98&download=", }, { category: "external", summary: "CODESYS Advisory vom 2023-10-31", url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17767&token=7ed2d9324eff98a0a319c455d0256dc7627c705e&download=", }, { category: "external", summary: "CODESYS Advisory vom 2023-08-03", url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17768&token=9d206ea9e0449cd9d3ee60d5179d2761dad2d2dd&download=", }, { category: "external", summary: "CODESYS Advisory vom 2023-07-26", url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17769&token=a1a34cd304aebfbc1e2619e401a9a6cb5d4dc117&download=", }, { category: "external", summary: "CODESYS Advisory vom 2023-12-05", url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17809&token=c3b4e3ec4956099de26f0c6caf194d1ba341040a&download=", }, { category: "external", summary: "CODESYS Advisory vom 2024-02-26", url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=18027&token=43109051cf95d3445bc616e4efb8414336ebcc47&download=", }, { category: "external", summary: "ABB Security Advisory vom 2025-01-07", url: "https://search.abb.com/library/Download.aspx?DocumentID=3ADR011377&LanguageCode=en&DocumentPartId=CSAF&Action=Launch", }, ], source_lang: "en-US", title: "CODESYS: Mehrere Schwachstellen", tracking: { current_release_date: "2025-01-07T23:00:00.000+00:00", generator: { date: "2025-01-08T10:42:29.688+00:00", engine: { name: "BSI-WID", version: "1.3.10", }, }, id: "WID-SEC-W-2024-0943", initial_release_date: "2024-04-21T22:00:00.000+00:00", revision_history: [ { date: "2024-04-21T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2024-04-25T22:00:00.000+00:00", number: "2", summary: "Datum der Codesys Meldungen korrigiert.", }, { date: "2025-01-07T23:00:00.000+00:00", number: "3", summary: "Neue Updates aufgenommen", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "<3.8.0", product: { name: "ABB AC-500 <3.8.0", product_id: "T040044", }, }, { category: "product_version", name: "3.8.0", product: { name: "ABB AC-500 3.8.0", product_id: "T040044-fixed", product_identification_helper: { cpe: "cpe:/h:abb:ac-500:3.8.0", }, }, }, ], category: "product_name", name: "AC-500", }, ], category: "vendor", name: "ABB", }, { branches: [ { category: "product_name", name: "CODESYS CODESYS", product: { name: "CODESYS CODESYS", product_id: "T034337", product_identification_helper: { cpe: "cpe:/a:codesys:codesys:-", }, }, }, ], category: "vendor", name: "CODESYS", }, ], }, vulnerabilities: [ { cve: "CVE-2022-22516", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzulässigen Einschränkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand auszulösen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuführen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden.", }, ], product_status: { known_affected: [ "T034337", "T040044", ], }, release_date: "2024-04-21T22:00:00.000+00:00", title: "CVE-2022-22516", }, { cve: "CVE-2022-4046", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzulässigen Einschränkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand auszulösen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuführen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden.", }, ], product_status: { known_affected: [ "T034337", "T040044", ], }, release_date: "2024-04-21T22:00:00.000+00:00", title: "CVE-2022-4046", }, { cve: "CVE-2022-47391", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzulässigen Einschränkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand auszulösen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuführen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden.", }, ], product_status: { known_affected: [ "T034337", "T040044", ], }, release_date: "2024-04-21T22:00:00.000+00:00", title: "CVE-2022-47391", }, { cve: "CVE-2023-28355", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzulässigen Einschränkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand auszulösen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuführen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden.", }, ], product_status: { known_affected: [ "T034337", "T040044", ], }, release_date: "2024-04-21T22:00:00.000+00:00", title: "CVE-2023-28355", }, { cve: "CVE-2023-3662", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzulässigen Einschränkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand auszulösen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuführen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden.", }, ], product_status: { known_affected: [ "T034337", "T040044", ], }, release_date: "2024-04-21T22:00:00.000+00:00", title: "CVE-2023-3662", }, { cve: "CVE-2023-3663", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzulässigen Einschränkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand auszulösen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuführen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden.", }, ], product_status: { known_affected: [ "T034337", "T040044", ], }, release_date: "2024-04-21T22:00:00.000+00:00", title: "CVE-2023-3663", }, { cve: "CVE-2023-3669", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzulässigen Einschränkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand auszulösen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuführen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden.", }, ], product_status: { known_affected: [ "T034337", "T040044", ], }, release_date: "2024-04-21T22:00:00.000+00:00", title: "CVE-2023-3669", }, { cve: "CVE-2023-3670", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzulässigen Einschränkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand auszulösen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuführen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden.", }, ], product_status: { known_affected: [ "T034337", "T040044", ], }, release_date: "2024-04-21T22:00:00.000+00:00", title: "CVE-2023-3670", }, { cve: "CVE-2023-37545", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzulässigen Einschränkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand auszulösen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuführen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden.", }, ], product_status: { known_affected: [ "T034337", "T040044", ], }, release_date: "2024-04-21T22:00:00.000+00:00", title: "CVE-2023-37545", }, { cve: "CVE-2023-37546", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzulässigen Einschränkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand auszulösen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuführen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden.", }, ], product_status: { known_affected: [ "T034337", "T040044", ], }, release_date: "2024-04-21T22:00:00.000+00:00", title: "CVE-2023-37546", }, { cve: "CVE-2023-37547", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzulässigen Einschränkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand auszulösen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuführen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden.", }, ], product_status: { known_affected: [ "T034337", "T040044", ], }, release_date: "2024-04-21T22:00:00.000+00:00", title: "CVE-2023-37547", }, { cve: "CVE-2023-37548", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzulässigen Einschränkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand auszulösen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuführen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden.", }, ], product_status: { known_affected: [ "T034337", "T040044", ], }, release_date: "2024-04-21T22:00:00.000+00:00", title: "CVE-2023-37548", }, { cve: "CVE-2023-37549", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzulässigen Einschränkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand auszulösen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuführen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden.", }, ], product_status: { known_affected: [ "T034337", "T040044", ], }, release_date: "2024-04-21T22:00:00.000+00:00", title: "CVE-2023-37549", }, { cve: "CVE-2023-37550", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzulässigen Einschränkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand auszulösen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuführen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden.", }, ], product_status: { known_affected: [ "T034337", "T040044", ], }, release_date: "2024-04-21T22:00:00.000+00:00", title: "CVE-2023-37550", }, { cve: "CVE-2023-37551", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzulässigen Einschränkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand auszulösen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuführen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden.", }, ], product_status: { known_affected: [ "T034337", "T040044", ], }, release_date: "2024-04-21T22:00:00.000+00:00", title: "CVE-2023-37551", }, { cve: "CVE-2023-37552", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzulässigen Einschränkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand auszulösen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuführen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden.", }, ], product_status: { known_affected: [ "T034337", "T040044", ], }, release_date: "2024-04-21T22:00:00.000+00:00", title: "CVE-2023-37552", }, { cve: "CVE-2023-37553", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzulässigen Einschränkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand auszulösen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuführen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden.", }, ], product_status: { known_affected: [ "T034337", "T040044", ], }, release_date: "2024-04-21T22:00:00.000+00:00", title: "CVE-2023-37553", }, { cve: "CVE-2023-37554", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzulässigen Einschränkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand auszulösen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuführen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden.", }, ], product_status: { known_affected: [ "T034337", "T040044", ], }, release_date: "2024-04-21T22:00:00.000+00:00", title: "CVE-2023-37554", }, { cve: "CVE-2023-37555", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzulässigen Einschränkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand auszulösen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuführen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden.", }, ], product_status: { known_affected: [ "T034337", "T040044", ], }, release_date: "2024-04-21T22:00:00.000+00:00", title: "CVE-2023-37555", }, { cve: "CVE-2023-37556", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzulässigen Einschränkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand auszulösen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuführen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden.", }, ], product_status: { known_affected: [ "T034337", "T040044", ], }, release_date: "2024-04-21T22:00:00.000+00:00", title: "CVE-2023-37556", }, { cve: "CVE-2023-37557", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzulässigen Einschränkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand auszulösen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuführen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden.", }, ], product_status: { known_affected: [ "T034337", "T040044", ], }, release_date: "2024-04-21T22:00:00.000+00:00", title: "CVE-2023-37557", }, { cve: "CVE-2023-37558", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzulässigen Einschränkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand auszulösen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuführen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden.", }, ], product_status: { known_affected: [ "T034337", "T040044", ], }, release_date: "2024-04-21T22:00:00.000+00:00", title: "CVE-2023-37558", }, { cve: "CVE-2023-37559", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzulässigen Einschränkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand auszulösen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuführen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden.", }, ], product_status: { known_affected: [ "T034337", "T040044", ], }, release_date: "2024-04-21T22:00:00.000+00:00", title: "CVE-2023-37559", }, { cve: "CVE-2023-3935", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzulässigen Einschränkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand auszulösen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuführen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden.", }, ], product_status: { known_affected: [ "T034337", "T040044", ], }, release_date: "2024-04-21T22:00:00.000+00:00", title: "CVE-2023-3935", }, { cve: "CVE-2023-6357", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzulässigen Einschränkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand auszulösen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuführen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden.", }, ], product_status: { known_affected: [ "T034337", "T040044", ], }, release_date: "2024-04-21T22:00:00.000+00:00", title: "CVE-2023-6357", }, ], }
cve-2023-3663
Vulnerability from cvelistv5
Published
2023-08-03 10:55
Modified
2025-02-27 21:11
Severity ?
EPSS score ?
Summary
In CODESYS Development System versions from 3.5.11.20 and before 3.5.19.20 a missing integrity check might allow an unauthenticated remote attacker to manipulate the content of notifications received via HTTP by the CODESYS notification server.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| CODESYS | CODESYS Development System |
Version: 3.5.11.20 ≤ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T07:01:57.323Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert.vde.com/en/advisories/VDE-2023-022/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-3663", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-26T21:54:28.867674Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-27T21:11:34.700Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Development System", vendor: "CODESYS", versions: [ { lessThan: "3.5.19.20", status: "affected", version: "3.5.11.20", versionType: "semver", }, ], }, ], datePublic: "2023-08-03T10:30:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "In CODESYS Development System versions from 3.5.11.20 and before 3.5.19.20 a missing integrity check might allow an unauthenticated remote attacker to manipulate the content of notifications received via HTTP by the CODESYS notification server.", }, ], value: "In CODESYS Development System versions from 3.5.11.20 and before 3.5.19.20 a missing integrity check might allow an unauthenticated remote attacker to manipulate the content of notifications received via HTTP by the CODESYS notification server.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-940", description: "CWE-940 Improper Verification of Source of a Communication Channel", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-10-02T05:35:40.245Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://cert.vde.com/en/advisories/VDE-2023-022/", }, ], source: { advisory: "VDE-2023-022", defect: [ "CERT@VDE#64561", ], discovery: "EXTERNAL", }, title: "CODESYS: Missing integrity check in CODESYS Development System", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2023-3663", datePublished: "2023-08-03T10:55:08.945Z", dateReserved: "2023-07-13T13:04:46.976Z", dateUpdated: "2025-02-27T21:11:34.700Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-37548
Vulnerability from cvelistv5
Published
2023-08-03 11:02
Modified
2024-10-11 18:12
Severity ?
EPSS score ?
Summary
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37549 and CVE-2023-37550
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | CODESYS | CODESYS Control for BeagleBone SL |
Version: 0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T17:16:30.432Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert.vde.com/en/advisories/VDE-2023-019", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-37548", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-11T17:59:49.760916Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-11T18:12:26.294Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Control for BeagleBone SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for emPC-A/iMX6 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for IOT2000 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Linux SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC100 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC200 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PLCnext SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Raspberry Pi SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for WAGO Touch Panels 600 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (for Beckhoff CX) SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Runtime System Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Win (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Development System V3", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS HMI (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 Runtime Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft", }, ], datePublic: "2023-08-03T10:30:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37549 and CVE-2023-37550<br><br>", }, ], value: "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37549 and CVE-2023-37550\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-03T11:02:02.224Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://cert.vde.com/en/advisories/VDE-2023-019", }, ], source: { advisory: "VDE-2023-019", defect: [ "CERT@VDE#64558", ], discovery: "EXTERNAL", }, title: "CODESYS: Improper Input Validation in CmpApp component", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2023-37548", datePublished: "2023-08-03T11:02:02.224Z", dateReserved: "2023-07-07T07:39:16.322Z", dateUpdated: "2024-10-11T18:12:26.294Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-37553
Vulnerability from cvelistv5
Published
2023-08-03 11:04
Modified
2024-10-11 18:10
Severity ?
EPSS score ?
Summary
In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37554, CVE-2023-37555 and CVE-2023-37556.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | CODESYS | CODESYS Control for BeagleBone SL |
Version: 0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T17:16:30.602Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert.vde.com/en/advisories/VDE-2023-019/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-37553", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-11T18:05:01.815292Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-11T18:10:16.403Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Control for BeagleBone SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for emPC-A/iMX6 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for IOT2000 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Linux SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC100 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC200 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PLCnext SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Raspberry Pi SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for WAGO Touch Panels 600 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (for Beckhoff CX) SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Runtime System Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Win (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Development System V3", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS HMI (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 Runtime Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft", }, ], datePublic: "2023-08-03T10:30:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37554, CVE-2023-37555 and CVE-2023-37556.<br><br>", }, ], value: "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37554, CVE-2023-37555 and CVE-2023-37556.\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-03T11:04:39.061Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://cert.vde.com/en/advisories/VDE-2023-019/", }, ], source: { advisory: "VDE-2023-019", defect: [ "CERT@VDE#64558", ], discovery: "EXTERNAL", }, title: "CODESYS Improper Input Validation in CmpAppBP", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2023-37553", datePublished: "2023-08-03T11:04:39.061Z", dateReserved: "2023-07-07T07:39:16.323Z", dateUpdated: "2024-10-11T18:10:16.403Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-37546
Vulnerability from cvelistv5
Published
2023-08-03 11:00
Modified
2024-10-11 18:14
Severity ?
EPSS score ?
Summary
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37547, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | CODESYS | CODESYS Control for BeagleBone SL |
Version: 0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T17:16:30.484Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert.vde.com/en/advisories/VDE-2023-019", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-37546", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-11T17:59:33.810402Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-11T18:14:28.818Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Control for BeagleBone SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for emPC-A/iMX6 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for IOT2000 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Linux SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC100 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC200 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PLCnext SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Raspberry Pi SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for WAGO Touch Panels 600 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (for Beckhoff CX) SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Runtime System Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Win (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Development System V3", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS HMI (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 Runtime Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft", }, ], datePublic: "2023-08-03T10:30:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37547, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550<br><br>", }, ], value: "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37547, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-03T11:00:33.624Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://cert.vde.com/en/advisories/VDE-2023-019", }, ], source: { advisory: "VDE-2023-019", defect: [ "CERT@VDE#64558", ], discovery: "EXTERNAL", }, title: "CODESYS: Improper Input Validation in CmpApp component", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2023-37546", datePublished: "2023-08-03T11:00:33.624Z", dateReserved: "2023-07-07T07:39:16.322Z", dateUpdated: "2024-10-11T18:14:28.818Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-3662
Vulnerability from cvelistv5
Published
2023-08-03 10:55
Modified
2025-02-27 21:11
Severity ?
EPSS score ?
Summary
In CODESYS Development System versions from 3.5.17.0 and prior to 3.5.19.20 a vulnerability allows for execution of binaries from the current working directory in the users context .
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| CODESYS | CODESYS Development System |
Version: 3.5.17.0 ≤ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T07:01:57.375Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert.vde.com/en/advisories/VDE-2023-021/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-3662", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-26T21:54:27.291596Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-27T21:11:28.683Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Development System", vendor: "CODESYS", versions: [ { lessThan: "3.5.19.20", status: "affected", version: "3.5.17.0", versionType: "semver", }, ], }, ], datePublic: "2023-08-03T10:30:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "In CODESYS Development System versions from 3.5.17.0 and prior to 3.5.19.20 a vulnerability allows for execution of binaries from the current working directory in the users context .", }, ], value: "In CODESYS Development System versions from 3.5.17.0 and prior to 3.5.19.20 a vulnerability allows for execution of binaries from the current working directory in the users context .", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-427", description: "CWE-427 Uncontrolled Search Path Element", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-03T10:55:43.844Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://cert.vde.com/en/advisories/VDE-2023-021/", }, ], source: { advisory: "VDE-2023-021", defect: [ "CERT@VDE#64560", ], discovery: "EXTERNAL", }, title: "CODESYS: Vulnerability in CODESYS Development System allows for execution of binaries", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2023-3662", datePublished: "2023-08-03T10:55:43.844Z", dateReserved: "2023-07-13T12:54:10.262Z", dateUpdated: "2025-02-27T21:11:28.683Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-3935
Vulnerability from cvelistv5
Published
2023-09-13 13:19
Modified
2025-02-27 20:53
Severity ?
EPSS score ?
Summary
A heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service up to version 7.60b allows an unauthenticated, remote attacker to achieve RCE and gain full access of the host system.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Wibu | CodeMeter Runtime |
Version: 0.0 < |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T07:08:50.775Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/AdvisoryWIBU-230704-01-v3.0.pdf", }, { tags: [ "x_transferred", ], url: "https://cert.vde.com/en/advisories/VDE-2023-031/", }, { tags: [ "x_transferred", ], url: "https://cert.vde.com/en/advisories/VDE-2023-030/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-3935", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-26T21:50:55.835781Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-27T20:53:03.735Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CodeMeter Runtime", vendor: "Wibu", versions: [ { lessThanOrEqual: "7.60b", status: "affected", version: "0.0", versionType: "custom", }, ], }, { defaultStatus: "affected", product: "CodeMeter Runtime", vendor: "Wibu", versions: [ { status: "unaffected", version: "7.21g", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "A heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service up to version 7.60b allows an unauthenticated, remote attacker to achieve RCE and gain full access of the host system.", }, ], value: "A heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service up to version 7.60b allows an unauthenticated, remote attacker to achieve RCE and gain full access of the host system.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-09-19T07:00:20.911Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/AdvisoryWIBU-230704-01-v3.0.pdf", }, { url: "https://cert.vde.com/en/advisories/VDE-2023-031/", }, { url: "https://cert.vde.com/en/advisories/VDE-2023-030/", }, ], source: { defect: [ "CERT@VDE#64566", ], discovery: "UNKNOWN", }, title: "Wibu: Buffer Overflow in CodeMeter Runtime", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2023-3935", datePublished: "2023-09-13T13:19:18.392Z", dateReserved: "2023-07-25T13:02:40.206Z", dateUpdated: "2025-02-27T20:53:03.735Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-22516
Vulnerability from cvelistv5
Published
2022-04-07 18:21
Modified
2024-09-17 01:05
Severity ?
EPSS score ?
Summary
The SysDrv3S driver in the CODESYS Control runtime system on Microsoft Windows allows any system user to read and write within restricted memory space.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | CODESYS | CODESYS Control RTE (SL) |
Version: V3.5.18.0 < V3.5.18.0 |
||||||||||||||||
|
|||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T03:14:55.441Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17090&token=6cd08b169916366df31388d2e7ba58e7bce93508&download=", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "CODESYS Control RTE (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.18.0", status: "affected", version: "V3.5.18.0", versionType: "custom", }, ], }, { product: "CODESYS Control RTE (for Beckhoff CX) SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.18.0", status: "affected", version: "V3.5.18.0", versionType: "custom", }, ], }, { product: "CODESYS Control Win (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.18.0", status: "affected", version: "V3.5.18.0", versionType: "custom", }, ], }, { product: "CODESYS Development System V3", vendor: "CODESYS", versions: [ { lessThan: "V3.5.18.0", status: "affected", version: "V3.5.18.0", versionType: "custom", }, ], }, ], datePublic: "2022-04-06T00:00:00", descriptions: [ { lang: "en", value: "The SysDrv3S driver in the CODESYS Control runtime system on Microsoft Windows allows any system user to read and write within restricted memory space.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-732", description: "CWE-732 Incorrect Permission Assignment for Critical Resource", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-07T18:21:18", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17090&token=6cd08b169916366df31388d2e7ba58e7bce93508&download=", }, ], source: { discovery: "UNKNOWN", }, title: "CODESYS driver SysDrv3S allows SYSTEM users on Microsoft Windows to read and write in restricted memory space.", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "info@cert.vde.com", DATE_PUBLIC: "2022-04-06T10:00:00.000Z", ID: "CVE-2022-22516", STATE: "PUBLIC", TITLE: "CODESYS driver SysDrv3S allows SYSTEM users on Microsoft Windows to read and write in restricted memory space.", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "CODESYS Control RTE (SL)", version: { version_data: [ { version_affected: "<", version_name: "V3.5.18.0", version_value: "V3.5.18.0", }, ], }, }, { product_name: "CODESYS Control RTE (for Beckhoff CX) SL", version: { version_data: [ { version_affected: "<", version_name: "V3.5.18.0", version_value: "V3.5.18.0", }, ], }, }, { product_name: "CODESYS Control Win (SL)", version: { version_data: [ { version_affected: "<", version_name: "V3.5.18.0", version_value: "V3.5.18.0", }, ], }, }, { product_name: "CODESYS Development System V3", version: { version_data: [ { version_affected: "<", version_name: "V3.5.18.0", version_value: "V3.5.18.0", }, ], }, }, ], }, vendor_name: "CODESYS", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The SysDrv3S driver in the CODESYS Control runtime system on Microsoft Windows allows any system user to read and write within restricted memory space.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-732 Incorrect Permission Assignment for Critical Resource", }, ], }, ], }, references: { reference_data: [ { name: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17090&token=6cd08b169916366df31388d2e7ba58e7bce93508&download=", refsource: "MISC", url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17090&token=6cd08b169916366df31388d2e7ba58e7bce93508&download=", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2022-22516", datePublished: "2022-04-07T18:21:18.417075Z", dateReserved: "2022-01-03T00:00:00", dateUpdated: "2024-09-17T01:05:35.627Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-37557
Vulnerability from cvelistv5
Published
2023-08-03 11:06
Modified
2024-10-09 20:52
Severity ?
EPSS score ?
Summary
After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted remote communication requests can cause the CmpAppBP component to overwrite a heap-based buffer, which can lead to a denial-of-service condition.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | CODESYS | CODESYS Control for BeagleBone SL |
Version: 0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T17:16:30.379Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert.vde.com/en/advisories/VDE-2023-019/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-37557", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-09T20:48:56.664856Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-09T20:52:16.817Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Control for BeagleBone SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for emPC-A/iMX6 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for IOT2000 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Linux SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC100 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC200 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PLCnext SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Raspberry Pi SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for WAGO Touch Panels 600 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (for Beckhoff CX) SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Runtime System Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Win (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Development System V3", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS HMI (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 Runtime Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft", }, ], datePublic: "2023-08-03T10:30:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted remote communication requests can cause the CmpAppBP component to overwrite a heap-based buffer, which can lead to a denial-of-service condition.", }, ], value: "After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted remote communication requests can cause the CmpAppBP component to overwrite a heap-based buffer, which can lead to a denial-of-service condition.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-03T11:06:17.884Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://cert.vde.com/en/advisories/VDE-2023-019/", }, ], source: { advisory: "VDE-2023-019", defect: [ "CERT@VDE#64558", ], discovery: "EXTERNAL", }, title: "CODESYS Heap-based Buffer Overflow in multiple products", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2023-37557", datePublished: "2023-08-03T11:06:17.884Z", dateReserved: "2023-07-07T07:39:19.121Z", dateUpdated: "2024-10-09T20:52:16.817Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-37558
Vulnerability from cvelistv5
Published
2023-08-03 11:06
Modified
2024-10-11 18:09
Severity ?
EPSS score ?
Summary
After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37559
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | CODESYS | CODESYS Control for BeagleBone SL |
Version: 0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T17:16:30.767Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert.vde.com/en/advisories/VDE-2023-019/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-37558", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-11T18:07:13.616622Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-11T18:09:20.780Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Control for BeagleBone SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for emPC-A/iMX6 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for IOT2000 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Linux SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC100 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC200 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PLCnext SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Raspberry Pi SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for WAGO Touch Panels 600 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (for Beckhoff CX) SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Runtime System Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Win (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Development System V3", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS HMI (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 Runtime Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft", }, ], datePublic: "2023-08-03T10:30:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37559", }, ], value: "After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37559", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-03T11:06:36.112Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://cert.vde.com/en/advisories/VDE-2023-019/", }, ], source: { advisory: "VDE-2023-019", defect: [ "CERT@VDE#64558", ], discovery: "EXTERNAL", }, title: "CODESYS Improper Validation of Consistency within Input in multiple products", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2023-37558", datePublished: "2023-08-03T11:06:36.112Z", dateReserved: "2023-07-07T07:39:19.121Z", dateUpdated: "2024-10-11T18:09:20.780Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-37555
Vulnerability from cvelistv5
Published
2023-08-03 11:05
Modified
2024-10-09 20:52
Severity ?
EPSS score ?
Summary
In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37554 and CVE-2023-37556.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | CODESYS | CODESYS Control for BeagleBone SL |
Version: 0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T17:16:30.445Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert.vde.com/en/advisories/VDE-2023-019/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-37555", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-09T20:49:10.954455Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-09T20:52:51.974Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Control for BeagleBone SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for emPC-A/iMX6 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for IOT2000 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Linux SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC100 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC200 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PLCnext SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Raspberry Pi SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for WAGO Touch Panels 600 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (for Beckhoff CX) SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Runtime System Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Win (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Development System V3", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS HMI (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 Runtime Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37554 and CVE-2023-37556.<br><br>", }, ], value: "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37554 and CVE-2023-37556.\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-03T11:05:33.660Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://cert.vde.com/en/advisories/VDE-2023-019/", }, ], source: { advisory: "VDE-2023-019", defect: [ "CERT@VDE#64558", ], discovery: "EXTERNAL", }, title: "CODESYS Improper Input Validation in CmpAppBP", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2023-37555", datePublished: "2023-08-03T11:05:33.660Z", dateReserved: "2023-07-07T07:39:19.120Z", dateUpdated: "2024-10-09T20:52:51.974Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-37549
Vulnerability from cvelistv5
Published
2023-08-03 11:02
Modified
2024-10-11 18:12
Severity ?
EPSS score ?
Summary
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37548 and CVE-2023-37550
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | CODESYS | CODESYS Control for BeagleBone SL |
Version: 0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T17:16:30.241Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert.vde.com/en/advisories/VDE-2023-019", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-37549", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-11T18:01:40.613696Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-11T18:12:01.720Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Control for BeagleBone SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for emPC-A/iMX6 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for IOT2000 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Linux SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC100 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC200 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PLCnext SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Raspberry Pi SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for WAGO Touch Panels 600 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (for Beckhoff CX) SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Runtime System Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Win (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Development System V3", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS HMI (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 Runtime Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft", }, ], datePublic: "2023-08-03T10:30:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37548 and CVE-2023-37550<br><br>", }, ], value: "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37548 and CVE-2023-37550\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-03T11:02:33.725Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://cert.vde.com/en/advisories/VDE-2023-019", }, ], source: { advisory: "VDE-2023-019", defect: [ "CERT@VDE#64558", ], discovery: "EXTERNAL", }, title: "CODESYS: Improper Input Validation in CmpApp component", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2023-37549", datePublished: "2023-08-03T11:02:33.725Z", dateReserved: "2023-07-07T07:39:16.322Z", dateUpdated: "2024-10-11T18:12:01.720Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-37551
Vulnerability from cvelistv5
Published
2023-08-03 11:03
Modified
2024-10-11 18:10
Severity ?
EPSS score ?
Summary
In multiple Codesys products in multiple versions, after successful authentication as a user, specially crafted network communication requests can utilize the CmpApp component to download files with any file extensions to the controller. In contrast to the regular file download via CmpFileTransfer, no filtering of certain file types is performed here. As a result, the integrity of the CODESYS control runtime system may be compromised by the files loaded onto the controller.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | CODESYS | CODESYS Control for BeagleBone SL |
Version: 0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T17:16:30.609Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert.vde.com/en/advisories/VDE-2023-019/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-37551", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-11T18:01:50.770279Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-11T18:10:51.431Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Control for BeagleBone SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for emPC-A/iMX6 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for IOT2000 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Linux SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC100 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC200 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PLCnext SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Raspberry Pi SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for WAGO Touch Panels 600 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (for Beckhoff CX) SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Runtime System Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Win (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Development System V3", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS HMI (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 Runtime Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft", }, ], datePublic: "2023-08-03T10:30:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "In multiple Codesys products in multiple versions, after successful authentication as a user, specially crafted network communication requests can utilize the CmpApp component to download files with any file extensions to the controller. In contrast to the regular file download via CmpFileTransfer, no filtering of certain file types is performed here. As a result, the integrity of the CODESYS control runtime system may be compromised by the files loaded onto the controller.", }, ], value: "In multiple Codesys products in multiple versions, after successful authentication as a user, specially crafted network communication requests can utilize the CmpApp component to download files with any file extensions to the controller. In contrast to the regular file download via CmpFileTransfer, no filtering of certain file types is performed here. As a result, the integrity of the CODESYS control runtime system may be compromised by the files loaded onto the controller.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-552", description: "CWE-552 Files or Directories Accessible to External Parties", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-03T11:03:37.457Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://cert.vde.com/en/advisories/VDE-2023-019/", }, ], source: { advisory: "VDE-2023-019", defect: [ "CERT@VDE#64558", ], discovery: "EXTERNAL", }, title: "CODESYS Files or Directories Accessible to External Parties in CmpApp", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2023-37551", datePublished: "2023-08-03T11:03:37.457Z", dateReserved: "2023-07-07T07:39:16.323Z", dateUpdated: "2024-10-11T18:10:51.431Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-3670
Vulnerability from cvelistv5
Published
2023-07-28 07:52
Modified
2024-10-21 17:43
Severity ?
EPSS score ?
Summary
In CODESYS Development System 3.5.9.0 to 3.5.17.0 and CODESYS Scripting 4.0.0.0 to 4.1.0.0 unsafe directory permissions would allow an attacker with local access to the workstation to place potentially harmful and disguised scripts that could be executed by legitimate users.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | CODESYS | CODESYS Development System |
Version: 3.5.9.0 ≤ |
||||||
|
|||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T07:01:57.057Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert.vde.com/en/advisories/VDE-2023-024", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-3670", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-21T17:43:39.441777Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-21T17:43:52.386Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Development System", vendor: "CODESYS", versions: [ { lessThan: "3.5.17.0", status: "affected", version: "3.5.9.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Scripting", vendor: "CODESYS", versions: [ { lessThan: "4.1.0.0", status: "affected", version: "4.0.0.0", versionType: "semver", }, ], }, ], datePublic: "2023-07-28T07:45:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "In CODESYS Development System 3.5.9.0 to 3.5.17.0 and CODESYS Scripting 4.0.0.0 to 4.1.0.0 unsafe directory permissions would allow an attacker with local access to the workstation to place potentially harmful and disguised scripts that could be executed by legitimate users.", }, ], value: "In CODESYS Development System 3.5.9.0 to 3.5.17.0 and CODESYS Scripting 4.0.0.0 to 4.1.0.0 unsafe directory permissions would allow an attacker with local access to the workstation to place potentially harmful and disguised scripts that could be executed by legitimate users.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-668", description: "CWE-668 Exposure of Resource to Wrong Sphere", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-07-28T07:52:33.639Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://cert.vde.com/en/advisories/VDE-2023-024", }, ], source: { advisory: "VDE-2023-024", defect: [ "CERT@VDE#64563", ], discovery: "UNKNOWN", }, title: "Codesys: Vulnerability in CODESYS Development System and CODESYS Scripting", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2023-3670", datePublished: "2023-07-28T07:52:33.639Z", dateReserved: "2023-07-14T07:43:16.307Z", dateUpdated: "2024-10-21T17:43:52.386Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-37559
Vulnerability from cvelistv5
Published
2023-08-03 11:06
Modified
2024-10-11 18:09
Severity ?
EPSS score ?
Summary
After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37558
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | CODESYS | CODESYS Control for BeagleBone SL |
Version: 0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T17:16:30.700Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert.vde.com/en/advisories/VDE-2023-019/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-37559", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-11T18:07:28.102576Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-11T18:09:05.823Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Control for BeagleBone SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for emPC-A/iMX6 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for IOT2000 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Linux SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC100 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC200 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PLCnext SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Raspberry Pi SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for WAGO Touch Panels 600 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (for Beckhoff CX) SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Runtime System Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Win (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Development System V3", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS HMI (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 Runtime Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft", }, ], datePublic: "2023-08-03T10:30:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37558", }, ], value: "After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37558", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-03T11:06:56.079Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://cert.vde.com/en/advisories/VDE-2023-019/", }, ], source: { advisory: "VDE-2023-019", defect: [ "CERT@VDE#64558", ], discovery: "EXTERNAL", }, title: "CODESYS Improper Validation of Consistency within Input in multiple products", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2023-37559", datePublished: "2023-08-03T11:06:56.079Z", dateReserved: "2023-07-07T07:39:19.122Z", dateUpdated: "2024-10-11T18:09:05.823Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-37552
Vulnerability from cvelistv5
Published
2023-08-03 11:04
Modified
2024-10-11 18:10
Severity ?
EPSS score ?
Summary
In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37553, CVE-2023-37554, CVE-2023-37555 and CVE-2023-37556.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | CODESYS | CODESYS Control for BeagleBone SL |
Version: 0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T17:16:30.508Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert.vde.com/en/advisories/VDE-2023-019/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-37552", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-11T18:04:09.376275Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-11T18:10:33.714Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Control for BeagleBone SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for emPC-A/iMX6 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for IOT2000 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Linux SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC100 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC200 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PLCnext SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Raspberry Pi SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for WAGO Touch Panels 600 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (for Beckhoff CX) SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Runtime System Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Win (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Development System V3", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS HMI (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 Runtime Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft", }, ], datePublic: "2023-08-03T10:30:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37553, CVE-2023-37554, CVE-2023-37555 and CVE-2023-37556.<br><br>", }, ], value: "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37553, CVE-2023-37554, CVE-2023-37555 and CVE-2023-37556.\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-03T11:04:04.128Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://cert.vde.com/en/advisories/VDE-2023-019/", }, ], source: { advisory: "VDE-2023-019", defect: [ "CERT@VDE#64558", ], discovery: "EXTERNAL", }, title: "CODESYS Improper Input Validation in CmpAppBP", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2023-37552", datePublished: "2023-08-03T11:04:04.128Z", dateReserved: "2023-07-07T07:39:16.323Z", dateUpdated: "2024-10-11T18:10:33.714Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-37545
Vulnerability from cvelistv5
Published
2023-08-03 10:59
Modified
2024-10-11 18:14
Severity ?
EPSS score ?
Summary
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37546, CVE-2023-37547, CVE-2023-37548, CVE-2023-37549, CVE-2023-37550
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | CODESYS | CODESYS Control for BeagleBone SL |
Version: 0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T17:16:30.338Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert.vde.com/en/advisories/VDE-2023-019", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-37545", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-11T17:59:27.383050Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-11T18:14:47.934Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Control for BeagleBone SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for emPC-A/iMX6 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for IOT2000 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Linux SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC100 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC200 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PLCnext SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Raspberry Pi SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for WAGO Touch Panels 600 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (for Beckhoff CX) SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Runtime System Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Win (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Development System V3", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS HMI (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 Runtime Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft", }, ], datePublic: "2023-08-03T10:30:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37546, CVE-2023-37547, CVE-2023-37548, CVE-2023-37549, CVE-2023-37550<br><br>", }, ], value: "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37546, CVE-2023-37547, CVE-2023-37548, CVE-2023-37549, CVE-2023-37550\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-03T10:59:28.961Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://cert.vde.com/en/advisories/VDE-2023-019", }, ], source: { advisory: "VDE-2023-019", defect: [ "CERT@VDE#64558", ], discovery: "EXTERNAL", }, title: "CODESYS: Improper Input Validation in CmpApp component", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2023-37545", datePublished: "2023-08-03T10:59:28.961Z", dateReserved: "2023-07-07T07:39:16.322Z", dateUpdated: "2024-10-11T18:14:47.934Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-47391
Vulnerability from cvelistv5
Published
2023-05-15 09:59
Modified
2025-01-23 19:19
Severity ?
EPSS score ?
Summary
In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use a improper input validation vulnerability to read from invalid addresses leading to a denial of service.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:55:07.901Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17555&token=212fc7e39bdd260cab6d6ca84333d42f50bcb3da&download=", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-47391", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-23T19:18:44.576335Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-23T19:19:22.826Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", modules: [ "CmpDevice", ], product: "CODESYS Control RTE (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", modules: [ "CmpDevice", ], product: "CODESYS Control RTE (for Beckhoff CX) SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", modules: [ "CmpDevice", ], product: "CODESYS Control Win (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", modules: [ "CmpDevice", ], product: "CODESYS Control Runtime System Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", modules: [ "CmpDevice", ], product: "CODESYS Safety SIL2 Runtime Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", modules: [ "CmpDevice", ], product: "CODESYS Safety SIL2 PSP", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", modules: [ "CmpDevice", ], product: "CODESYS Edge Gateway for Windows", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", modules: [ "CmpDevice", ], product: "CODESYS Gateway", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", modules: [ "CmpDevice", ], product: "CODESYS HMI (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", modules: [ "CmpDevice", ], product: "CODESYS Development System V3", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for BeagleBone SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for emPC-A/iMX6 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for IOT2000 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Linux SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC100 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC200 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PLCnext SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Raspberry Pi SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for WAGO Touch Panels 600 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Edge Gateway for Linux", vendor: "CODESYS", versions: [ { lessThan: "V4.8.0.0", status: "affected", version: "V0.0.0.0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Vladimir Tokarev, Microsoft", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use a improper input validation vulnerability to read from invalid addresses leading to a denial of service.", }, ], value: "In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use a improper input validation vulnerability to read from invalid addresses leading to a denial of service.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-05-15T09:59:52.803Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17555&token=212fc7e39bdd260cab6d6ca84333d42f50bcb3da&download=", }, ], source: { discovery: "EXTERNAL", }, title: "CODESYS: Multiple products prone to Improper Input Validation", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2022-47391", datePublished: "2023-05-15T09:59:52.803Z", dateReserved: "2022-12-14T06:03:27.265Z", dateUpdated: "2025-01-23T19:19:22.826Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-37550
Vulnerability from cvelistv5
Published
2023-08-03 11:03
Modified
2024-10-11 18:11
Severity ?
EPSS score ?
Summary
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37548 and CVE-2023-37549.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | CODESYS | CODESYS Control for BeagleBone SL |
Version: 0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T17:16:30.425Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert.vde.com/en/advisories/VDE-2023-019", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-37550", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-11T18:01:46.088420Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-11T18:11:18.756Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Control for BeagleBone SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for emPC-A/iMX6 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for IOT2000 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Linux SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC100 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC200 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PLCnext SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Raspberry Pi SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for WAGO Touch Panels 600 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (for Beckhoff CX) SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Runtime System Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Win (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Development System V3", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS HMI (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 Runtime Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft", }, ], datePublic: "2023-08-03T10:30:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37548 and CVE-2023-37549.<br><br>", }, ], value: "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37548 and CVE-2023-37549.\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-03T11:03:09.222Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://cert.vde.com/en/advisories/VDE-2023-019", }, ], source: { advisory: "VDE-2023-019", defect: [ "CERT@VDE#64558", ], discovery: "EXTERNAL", }, title: "CODESYS: Improper Input Validation in CmpApp component", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2023-37550", datePublished: "2023-08-03T11:03:09.222Z", dateReserved: "2023-07-07T07:39:16.322Z", dateUpdated: "2024-10-11T18:11:18.756Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-4046
Vulnerability from cvelistv5
Published
2023-08-03 12:39
Modified
2024-10-22 19:44
Severity ?
EPSS score ?
Summary
In CODESYS Control in multiple versions a improper restriction of operations within the bounds of a memory buffer allow an remote attacker with user privileges to gain full access of the device.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | CODESYS | CODESYS Control for BeagleBone SL |
Version: all |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T01:27:54.486Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert.vde.com/en/advisories/VDE-2023-025/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-4046", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-22T19:43:34.142141Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-22T19:44:02.247Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", product: "CODESYS Control for BeagleBone SL", vendor: "CODESYS", versions: [ { status: "affected", version: "all", }, ], }, { defaultStatus: "affected", product: "CODESYS Control for emPC-A/iMX6 SL", vendor: "CODESYS", versions: [ { status: "affected", version: "all", }, ], }, { defaultStatus: "affected", product: "CODESYS Control for IOT2000 SL", vendor: "CODESYS", versions: [ { status: "affected", version: "all", }, ], }, { defaultStatus: "affected", product: "CODESYS Control for Linux SL", vendor: "CODESYS", versions: [ { status: "affected", version: "all", }, ], }, { defaultStatus: "affected", product: "CODESYS Control for PFC100 SL", vendor: "CODESYS", versions: [ { status: "affected", version: "all", }, ], }, { defaultStatus: "affected", product: "CODESYS Control for PFC200 SL", vendor: "CODESYS", versions: [ { status: "affected", version: "all", }, ], }, { defaultStatus: "affected", product: "CODESYS Control for PLCnext SL", vendor: "CODESYS", versions: [ { status: "affected", version: "all", }, ], }, { defaultStatus: "affected", product: "CODESYS Control for Raspberry Pi SL", vendor: "CODESYS", versions: [ { status: "affected", version: "all", }, ], }, { defaultStatus: "affected", product: "CODESYS Control for WAGO Touch Panels 600 SL", vendor: "CODESYS", versions: [ { status: "affected", version: "all", }, ], }, { defaultStatus: "affected", product: "CODESYS Control RTE (for Beckhoff CX) SL", vendor: "CODESYS", versions: [ { status: "affected", version: "all", }, ], }, { defaultStatus: "affected", product: "CODESYS Control RTE (SL)", vendor: "CODESYS", versions: [ { status: "affected", version: "all", }, ], }, { defaultStatus: "affected", product: "CODESYS Control Runtime System Toolkit", vendor: "CODESYS", versions: [ { status: "affected", version: "all", }, ], }, { defaultStatus: "affected", product: "CODESYS Control Win (SL)", vendor: "CODESYS", versions: [ { status: "affected", version: "all", }, ], }, { defaultStatus: "affected", product: "CODESYS HMI (SL)", vendor: "CODESYS", versions: [ { status: "affected", version: "all", }, ], }, ], datePublic: "2023-08-03T10:30:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "In CODESYS Control in multiple versions a improper restriction of operations within the bounds of a memory buffer allow an remote attacker with user privileges to gain full access of the device.", }, ], value: "In CODESYS Control in multiple versions a improper restriction of operations within the bounds of a memory buffer allow an remote attacker with user privileges to gain full access of the device.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-03T12:39:44.002Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://cert.vde.com/en/advisories/VDE-2023-025/", }, ], source: { defect: [ "CERT@VDE#64299", ], discovery: "EXTERNAL", }, title: "CODESYS: Improper memory restrictions fro CODESYS Control", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2022-4046", datePublished: "2023-08-03T12:39:44.002Z", dateReserved: "2022-11-17T07:07:09.714Z", dateUpdated: "2024-10-22T19:44:02.247Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-37556
Vulnerability from cvelistv5
Published
2023-08-03 11:05
Modified
2024-10-09 20:52
Severity ?
EPSS score ?
Summary
In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37554 and CVE-2023-37555.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | CODESYS | CODESYS Control for BeagleBone SL |
Version: 0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T17:16:30.852Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert.vde.com/en/advisories/VDE-2023-019/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-37556", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-09T20:49:03.697246Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-09T20:52:36.722Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Control for BeagleBone SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for emPC-A/iMX6 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for IOT2000 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Linux SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC100 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC200 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PLCnext SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Raspberry Pi SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for WAGO Touch Panels 600 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (for Beckhoff CX) SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Runtime System Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Win (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Development System V3", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS HMI (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 Runtime Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft", }, ], datePublic: "2023-08-03T10:30:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37554 and CVE-2023-37555.<br><br>", }, ], value: "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37554 and CVE-2023-37555.\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-03T11:05:52.986Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://cert.vde.com/en/advisories/VDE-2023-019/", }, ], source: { advisory: "VDE-2023-019", defect: [ "CERT@VDE#64558", ], discovery: "EXTERNAL", }, title: "CODESYS Improper Input Validation in CmpAppBP", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2023-37556", datePublished: "2023-08-03T11:05:52.986Z", dateReserved: "2023-07-07T07:39:19.120Z", dateUpdated: "2024-10-09T20:52:36.722Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-37554
Vulnerability from cvelistv5
Published
2023-08-03 11:05
Modified
2024-10-11 18:09
Severity ?
EPSS score ?
Summary
In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37555 and CVE-2023-37556.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | CODESYS | CODESYS Control for BeagleBone SL |
Version: 0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T17:16:30.422Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert.vde.com/en/advisories/VDE-2023-019/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-37554", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-11T18:05:06.756495Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-11T18:09:34.979Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Control for BeagleBone SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for emPC-A/iMX6 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for IOT2000 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Linux SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC100 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC200 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PLCnext SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Raspberry Pi SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for WAGO Touch Panels 600 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (for Beckhoff CX) SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Runtime System Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Win (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Development System V3", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS HMI (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 Runtime Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft", }, ], datePublic: "2023-08-03T10:30:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37555 and CVE-2023-37556.<br><br>", }, ], value: "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37555 and CVE-2023-37556.\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-03T11:05:09.750Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://cert.vde.com/en/advisories/VDE-2023-019/", }, ], source: { advisory: "VDE-2023-019", defect: [ "CERT@VDE#64558", ], discovery: "EXTERNAL", }, title: "CODESYS Improper Input Validation in CmpAppBP", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2023-37554", datePublished: "2023-08-03T11:05:09.750Z", dateReserved: "2023-07-07T07:39:16.323Z", dateUpdated: "2024-10-11T18:09:34.979Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-6357
Vulnerability from cvelistv5
Published
2023-12-05 14:29
Modified
2024-08-02 08:28
Severity ?
EPSS score ?
Summary
A low-privileged remote attacker could exploit the vulnerability and inject additional system commands via file system libraries which could give the attacker full control of the device.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | CODESYS | CODESYS Control for BeagleBone SL |
Version: 0 ≤ |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:28:21.783Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://https://cert.vde.com/en/advisories/VDE-2023-066", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Control for BeagleBone SL", vendor: "CODESYS", versions: [ { lessThan: "4.11.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for emPC-A/iMX6 SL", vendor: "CODESYS", versions: [ { lessThan: "4.11.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for IOT2000 SL", vendor: "CODESYS", versions: [ { lessThan: "4.11.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Linux ARM SL", vendor: "CODESYS", versions: [ { lessThan: "4.11.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Linux SL", vendor: "CODESYS", versions: [ { lessThan: "4.11.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC100 SL", vendor: "CODESYS", versions: [ { lessThan: "4.11.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC200 SL", vendor: "CODESYS", versions: [ { lessThan: "4.11.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PLCnext SL", vendor: "CODESYS", versions: [ { lessThan: "4.11.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Raspberry Pi SL", vendor: "CODESYS", versions: [ { lessThan: "4.11.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for WAGO Touch Panels 600 SL", vendor: "CODESYS", versions: [ { lessThan: "4.11.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Runtime Toolkit for Linux or QNX", vendor: "CODESYS", versions: [ { lessThan: "3.5.19.50", status: "affected", version: "0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Chuya Hayakawa of 00One, Inc.", }, ], datePublic: "2023-12-05T14:25:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "A low-privileged remote attacker could exploit the vulnerability and inject additional system commands via file system libraries which could give the attacker full control of the device.", }, ], value: "A low-privileged remote attacker could exploit the vulnerability and inject additional system commands via file system libraries which could give the attacker full control of the device.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-05T14:29:25.649Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://https://cert.vde.com/en/advisories/VDE-2023-066", }, ], source: { advisory: "VDE-2023-066", defect: [ "CERT@VDE#64623", ], discovery: "UNKNOWN", }, title: "OS Command Injection in multiple CODESYS products", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2023-6357", datePublished: "2023-12-05T14:29:25.649Z", dateReserved: "2023-11-28T07:20:59.774Z", dateUpdated: "2024-08-02T08:28:21.783Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-37547
Vulnerability from cvelistv5
Published
2023-08-03 11:01
Modified
2024-10-11 18:12
Severity ?
EPSS score ?
Summary
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | CODESYS | CODESYS Control for BeagleBone SL |
Version: 0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T17:16:30.418Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert.vde.com/en/advisories/VDE-2023-019", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-37547", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-11T17:59:39.095120Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-11T18:12:55.550Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Control for BeagleBone SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for emPC-A/iMX6 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for IOT2000 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Linux SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC100 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PFC200 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for PLCnext SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for Raspberry Pi SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control for WAGO Touch Panels 600 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.10.0.0", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (for Beckhoff CX) SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control RTE (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Runtime System Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Control Win (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Development System V3", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS HMI (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Safety SIL2 Runtime Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.19.20", status: "affected", version: "0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550<br><br>", }, ], value: "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-03T11:01:10.534Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://cert.vde.com/en/advisories/VDE-2023-019", }, ], source: { advisory: "VDE-2023-019", defect: [ "CERT@VDE#64558", ], discovery: "EXTERNAL", }, title: "CODESYS: Improper Input Validation in CmpApp component", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2023-37547", datePublished: "2023-08-03T11:01:10.534Z", dateReserved: "2023-07-07T07:39:16.322Z", dateUpdated: "2024-10-11T18:12:55.550Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-3669
Vulnerability from cvelistv5
Published
2023-08-03 11:11
Modified
2025-02-27 21:11
Severity ?
EPSS score ?
Summary
A missing Brute-Force protection in CODESYS Development System prior to 3.5.19.20 allows a local attacker to have unlimited attempts of guessing the password within an import dialog.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| CODESYS | CODESYS Development System |
Version: 3.0.0.0 ≤ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T07:01:57.369Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cert.vde.com/en/advisories/VDE-2023-023", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-3669", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-26T21:51:08.351739Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-27T21:11:19.916Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Development System", vendor: "CODESYS", versions: [ { lessThan: "3.5.19.20", status: "affected", version: "3.0.0.0", versionType: "semver", }, ], }, ], datePublic: "2023-08-03T10:30:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "A missing Brute-Force protection in CODESYS Development System prior to 3.5.19.20 allows a local attacker to have unlimited attempts of guessing the password within an import dialog.", }, ], value: "A missing Brute-Force protection in CODESYS Development System prior to 3.5.19.20 allows a local attacker to have unlimited attempts of guessing the password within an import dialog.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-307", description: "CWE-307 Improper Restriction of Excessive Authentication Attempts", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-03T11:11:05.068Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://cert.vde.com/en/advisories/VDE-2023-023", }, ], source: { advisory: "VDE-2023-023", defect: [ "CERT@VDE#64562", ], discovery: "UNKNOWN", }, title: "CODESYS: Missing Brute-Force protection in CODESYS Development System", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2023-3669", datePublished: "2023-08-03T11:11:05.068Z", dateReserved: "2023-07-14T07:42:23.825Z", dateUpdated: "2025-02-27T21:11:19.916Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.