ID CVE-2018-20026
Summary Improper Communication Address Filtering exists in CODESYS V3 products versions prior V3.5.14.0.
References
Vulnerable Configurations
  • cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*
    cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*
  • cpe:2.3:a:codesys:control_for_empc-a\/imx6_sl:*:*:*:*:*:*:*:*
    cpe:2.3:a:codesys:control_for_empc-a\/imx6_sl:*:*:*:*:*:*:*:*
  • cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*
    cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*
  • cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*
    cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*
  • cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*
    cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*
  • cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*
    cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*
  • cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*
    cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*
  • cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*
    cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*
  • cpe:2.3:a:codesys:control_rte_sl_\(for_beckhoff_cx\):*:*:*:*:*:*:*:*
    cpe:2.3:a:codesys:control_rte_sl_\(for_beckhoff_cx\):*:*:*:*:*:*:*:*
  • cpe:2.3:a:codesys:control_runtime_toolkit:*:*:*:*:*:*:*:*
    cpe:2.3:a:codesys:control_runtime_toolkit:*:*:*:*:*:*:*:*
  • cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*
    cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*
  • cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*
    cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*
  • cpe:2.3:a:codesys:gateway:3.5.8.60:*:*:*:*:*:*:*
    cpe:2.3:a:codesys:gateway:3.5.8.60:*:*:*:*:*:*:*
  • cpe:2.3:a:codesys:hmi_sl:*:*:*:*:*:*:*:*
    cpe:2.3:a:codesys:hmi_sl:*:*:*:*:*:*:*:*
  • cpe:2.3:a:codesys:opc_server:*:*:*:*:*:*:*:*
    cpe:2.3:a:codesys:opc_server:*:*:*:*:*:*:*:*
  • cpe:2.3:a:codesys:plchandler:*:*:*:*:*:*:*:*
    cpe:2.3:a:codesys:plchandler:*:*:*:*:*:*:*:*
  • cpe:2.3:a:codesys:safety_sil2:3.0:*:*:*:*:*:*:*
    cpe:2.3:a:codesys:safety_sil2:3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:codesys:targetvisu_sl:*:*:*:*:*:*:*:*
    cpe:2.3:a:codesys:targetvisu_sl:*:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 24-08-2020 - 17:37)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
bid 106251
misc
Last major update 24-08-2020 - 17:37
Published 19-02-2019 - 21:29
Last modified 24-08-2020 - 17:37
Back to Top