Vulnerabilites related to CODESYS - CODESYS OPC DA Server SL
cve-2022-22517
Vulnerability from cvelistv5
Published
2022-04-07 18:21
Modified
2024-09-16 22:16
Severity ?
EPSS score ?
Summary
An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS products by guessing a valid channel ID and injecting packets. This results in the communication channel to be closed.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T03:14:55.454Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17091&token=c450f8bbbd838c647d102f359356386c6ea5aeca&download=", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "CODESYS Control RTE (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.18.0", status: "affected", version: "V3.5.18.0", versionType: "custom", }, ], }, { product: "CODESYS Control RTE (for Beckhoff CX) SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.18.0", status: "affected", version: "V3.5.18.0", versionType: "custom", }, ], }, { product: "CODESYS Control Win (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.18.0", status: "affected", version: "V3.5.18.0", versionType: "custom", }, ], }, { product: "CODESYS Gateway", vendor: "CODESYS", versions: [ { lessThan: "V3.5.18.0", status: "affected", version: "V3.5.18.0", versionType: "custom", }, ], }, { product: "CODESYS Edge Gateway for Windows", vendor: "CODESYS", versions: [ { lessThan: "V3.5.18.0", status: "affected", version: "V3.5.18.0", versionType: "custom", }, ], }, { product: "CODESYS HMI (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.18.0", status: "affected", version: "V3.5.18.0", versionType: "custom", }, ], }, { product: "CODESYS Development System V3", vendor: "CODESYS", versions: [ { lessThan: "V3.5.18.0", status: "affected", version: "V3.5.18.0", versionType: "custom", }, ], }, { product: "CODESYS Control Runtime System Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.18.0", status: "affected", version: "V3.5.18.0", versionType: "custom", }, ], }, { product: "CODESYS Embedded Target Visu Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.18.0", status: "affected", version: "V3.5.18.0", versionType: "custom", }, ], }, { product: "CODESYS Remote Target Visu Toolkit", vendor: "CODESYS", versions: [ { lessThan: "V3.5.18.0", status: "affected", version: "V3.5.18.0", versionType: "custom", }, ], }, { product: "CODESYS Control for BeagleBone SL", vendor: "CODESYS", versions: [ { lessThan: "V4.5.0.0", status: "affected", version: "V4.5.0.0", versionType: "custom", }, ], }, { product: "CODESYS Control for Beckhoff CX9020 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.5.0.0", status: "affected", version: "V4.5.0.0", versionType: "custom", }, ], }, { product: "CODESYS Control for emPC-A/iMX6 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.5.0.0", status: "affected", version: "V4.5.0.0", versionType: "custom", }, ], }, { product: "CODESYS Control for IOT2000 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.5.0.0", status: "affected", version: "V4.5.0.0", versionType: "custom", }, ], }, { product: "CODESYS Control for Linux SL", vendor: "CODESYS", versions: [ { lessThan: "V4.5.0.0", status: "affected", version: "V4.5.0.0", versionType: "custom", }, ], }, { product: "CODESYS Control for PFC100 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.5.0.0", status: "affected", version: "V4.5.0.0", versionType: "custom", }, ], }, { product: "CODESYS Control for PFC200 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.5.0.0", status: "affected", version: "V4.5.0.0", versionType: "custom", }, ], }, { product: "CODESYS Control for PLCnext SL", vendor: "CODESYS", versions: [ { lessThan: "V4.5.0.0", status: "affected", version: "V4.5.0.0", versionType: "custom", }, ], }, { product: "CODESYS Control for Raspberry Pi SL", vendor: "CODESYS", versions: [ { lessThan: "V4.5.0.0", status: "affected", version: "V4.5.0.0", versionType: "custom", }, ], }, { product: "CODESYS Control for WAGO Touch Panels 600 SL", vendor: "CODESYS", versions: [ { lessThan: "V4.5.0.0", status: "affected", version: "V4.5.0.0", versionType: "custom", }, ], }, { product: "CODESYS Edge Gateway for Linux", vendor: "CODESYS", versions: [ { lessThan: "V4.5.0.0", status: "affected", version: "V4.5.0.0", versionType: "custom", }, ], }, { product: "CODESYS OPC DA Server SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.18.0", status: "affected", version: "V3.5.18.0", versionType: "custom", }, ], }, { product: "CODESYS PLCHandler", vendor: "CODESYS", versions: [ { lessThan: "V3.5.18.0", status: "affected", version: "V3.5.18.0", versionType: "custom", }, ], }, ], datePublic: "2022-04-06T00:00:00", descriptions: [ { lang: "en", value: "An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS products by guessing a valid channel ID and injecting packets. This results in the communication channel to be closed.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-334", description: "CWE-334 Small Space of Random Values", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-07T18:21:19", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17091&token=c450f8bbbd838c647d102f359356386c6ea5aeca&download=", }, ], source: { discovery: "UNKNOWN", }, title: "Communication Components in multiple CODESYS products vulnerable to communication channel disruption", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "info@cert.vde.com", DATE_PUBLIC: "2022-04-06T10:00:00.000Z", ID: "CVE-2022-22517", STATE: "PUBLIC", TITLE: "Communication Components in multiple CODESYS products vulnerable to communication channel disruption", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "CODESYS Control RTE (SL)", version: { version_data: [ { version_affected: "<", version_name: "V3.5.18.0", version_value: "V3.5.18.0", }, ], }, }, { product_name: "CODESYS Control RTE (for Beckhoff CX) SL", version: { version_data: [ { version_affected: "<", version_name: "V3.5.18.0", version_value: "V3.5.18.0", }, ], }, }, { product_name: "CODESYS Control Win (SL)", version: { version_data: [ { version_affected: "<", version_name: "V3.5.18.0", version_value: "V3.5.18.0", }, ], }, }, { product_name: "CODESYS Gateway", version: { version_data: [ { version_affected: "<", version_name: "V3.5.18.0", version_value: "V3.5.18.0", }, ], }, }, { product_name: "CODESYS Edge Gateway for Windows", version: { version_data: [ { version_affected: "<", version_name: "V3.5.18.0", version_value: "V3.5.18.0", }, ], }, }, { product_name: "CODESYS HMI (SL)", version: { version_data: [ { version_affected: "<", version_name: "V3.5.18.0", version_value: "V3.5.18.0", }, ], }, }, { product_name: "CODESYS Development System V3", version: { version_data: [ { version_affected: "<", version_name: "V3.5.18.0", version_value: "V3.5.18.0", }, ], }, }, { product_name: "CODESYS Control Runtime System Toolkit", version: { version_data: [ { version_affected: "<", version_name: "V3.5.18.0", version_value: "V3.5.18.0", }, ], }, }, { product_name: "CODESYS Embedded Target Visu Toolkit", version: { version_data: [ { version_affected: "<", version_name: "V3.5.18.0", version_value: "V3.5.18.0", }, ], }, }, { product_name: "CODESYS Remote Target Visu Toolkit", version: { version_data: [ { version_affected: "<", version_name: "V3.5.18.0", version_value: "V3.5.18.0", }, ], }, }, { product_name: "CODESYS Control for BeagleBone SL", version: { version_data: [ { version_affected: "<", version_name: "V4.5.0.0", version_value: "V4.5.0.0", }, ], }, }, { product_name: "CODESYS Control for Beckhoff CX9020 SL", version: { version_data: [ { version_affected: "<", version_name: "V4.5.0.0", version_value: "V4.5.0.0", }, ], }, }, { product_name: "CODESYS Control for emPC-A/iMX6 SL", version: { version_data: [ { version_affected: "<", version_name: "V4.5.0.0", version_value: "V4.5.0.0", }, ], }, }, { product_name: "CODESYS Control for IOT2000 SL", version: { version_data: [ { version_affected: "<", version_name: "V4.5.0.0", version_value: "V4.5.0.0", }, ], }, }, { product_name: "CODESYS Control for Linux SL", version: { version_data: [ { version_affected: "<", version_name: "V4.5.0.0", version_value: "V4.5.0.0", }, ], }, }, { product_name: "CODESYS Control for PFC100 SL", version: { version_data: [ { version_affected: "<", version_name: "V4.5.0.0", version_value: "V4.5.0.0", }, ], }, }, { product_name: "CODESYS Control for PFC200 SL", version: { version_data: [ { version_affected: "<", version_name: "V4.5.0.0", version_value: "V4.5.0.0", }, ], }, }, { product_name: "CODESYS Control for PLCnext SL", version: { version_data: [ { version_affected: "<", version_name: "V4.5.0.0", version_value: "V4.5.0.0", }, ], }, }, { product_name: "CODESYS Control for Raspberry Pi SL", version: { version_data: [ { version_affected: "<", version_name: "V4.5.0.0", version_value: "V4.5.0.0", }, ], }, }, { product_name: "CODESYS Control for WAGO Touch Panels 600 SL", version: { version_data: [ { version_affected: "<", version_name: "V4.5.0.0", version_value: "V4.5.0.0", }, ], }, }, { product_name: "CODESYS Edge Gateway for Linux", version: { version_data: [ { version_affected: "<", version_name: "V4.5.0.0", version_value: "V4.5.0.0", }, ], }, }, { product_name: "CODESYS OPC DA Server SL", version: { version_data: [ { version_affected: "<", version_name: "V3.5.18.0", version_value: "V3.5.18.0", }, ], }, }, { product_name: "CODESYS PLCHandler", version: { version_data: [ { version_affected: "<", version_name: "V3.5.18.0", version_value: "V3.5.18.0", }, ], }, }, ], }, vendor_name: "CODESYS", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS products by guessing a valid channel ID and injecting packets. This results in the communication channel to be closed.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-334 Small Space of Random Values", }, ], }, ], }, references: { reference_data: [ { name: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17091&token=c450f8bbbd838c647d102f359356386c6ea5aeca&download=", refsource: "MISC", url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17091&token=c450f8bbbd838c647d102f359356386c6ea5aeca&download=", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2022-22517", datePublished: "2022-04-07T18:21:20.091353Z", dateReserved: "2022-01-03T00:00:00", dateUpdated: "2024-09-16T22:16:04.923Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-31805
Vulnerability from cvelistv5
Published
2022-06-24 07:46
Modified
2024-09-16 18:55
Severity ?
EPSS score ?
Summary
In the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between clients and servers unprotected.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | CODESYS | CODESYS Development System |
Version: V2 < V2.3.9.69 Version: V3 < V3.5.18.30 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T07:26:01.086Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17140&token=6aa2c5c4a8b83b8b09936fefed5b0b11f9d2cc6c&download=", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CODESYS Development System", vendor: "CODESYS", versions: [ { lessThan: "V2.3.9.69", status: "affected", version: "V2", versionType: "custom", }, { lessThan: "V3.5.18.30", status: "affected", version: "V3", versionType: "custom", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Gateway Client", vendor: "CODESYS", versions: [ { lessThan: "V2.3.9.38", status: "affected", version: "V2", versionType: "custom", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Gateway Server", vendor: "CODESYS", versions: [ { lessThan: "V2.3.9.38", status: "affected", version: "V2", versionType: "custom", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Web server", vendor: "CODESYS", versions: [ { lessThan: "V1.1.9.23", status: "affected", version: "V1", versionType: "custom", }, ], }, { defaultStatus: "unaffected", product: "CODESYS SP Realtime NT", vendor: "CODESYS", versions: [ { lessThan: "V2.3.7.30", status: "affected", version: "V2", versionType: "custom", }, ], }, { defaultStatus: "unaffected", product: "CODESYS PLCWinNT", vendor: "CODESYS", versions: [ { lessThan: "V2.4.7.57", status: "affected", version: "V2", versionType: "custom", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Runtime Toolkit 32 bit full", vendor: "CODESYS", versions: [ { lessThan: "V2.4.7.57", status: "affected", version: "V2", versionType: "custom", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Edge Gateway for Windows", vendor: "CODESYS", versions: [ { lessThan: "V3.5.18.30", status: "affected", version: "V3", versionType: "custom", }, ], }, { defaultStatus: "unaffected", product: "CODESYS HMI (SL)", vendor: "CODESYS", versions: [ { lessThan: "V3.5.18.30", status: "affected", version: "V3", versionType: "custom", }, ], }, { defaultStatus: "unaffected", product: "CODESYS OPC DA Server SL", vendor: "CODESYS", versions: [ { lessThan: "V3.5.18.30", status: "affected", version: "V3", versionType: "custom", }, ], }, { defaultStatus: "unaffected", product: "CODESYS PLCHandler", vendor: "CODESYS", versions: [ { lessThan: "V3.5.18.30", status: "affected", version: "V3", versionType: "custom", }, ], }, { defaultStatus: "unaffected", product: "CODESYS Gateway", vendor: "CODESYS", versions: [ { lessThan: "V3.5.18.30", status: "affected", version: "V3", versionType: "custom", }, ], }, ], datePublic: "2022-06-22T22:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>In the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between clients and servers unprotected.</p>", }, ], value: "In the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between clients and servers unprotected.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-523", description: "CWE-523 Unprotected Transport of Credentials", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-05-09T12:54:39.506Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17140&token=6aa2c5c4a8b83b8b09936fefed5b0b11f9d2cc6c&download=", }, ], source: { defect: [ "CERT@VDE#", "64140", ], discovery: "UNKNOWN", }, title: "Insecure transmission of credentials", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "info@cert.vde.com", DATE_PUBLIC: "2022-06-23T10:00:00.000Z", ID: "CVE-2022-31805", STATE: "PUBLIC", TITLE: "Insecure transmission of credentials", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "CODESYS Development System", version: { version_data: [ { version_affected: "<", version_name: "V2", version_value: "V2.3.9.69", }, { version_affected: "<", version_name: "V3", version_value: "V3.5.18.20", }, ], }, }, { product_name: "CODESYS Gateway Client", version: { version_data: [ { version_affected: "<", version_name: "V2", version_value: "V2.3.9.38", }, ], }, }, { product_name: "CODESYS Gateway Server", version: { version_data: [ { version_affected: "<", version_name: "V2", version_value: "V2.3.9.38", }, ], }, }, { product_name: "CODESYS Web server", version: { version_data: [ { version_affected: "<", version_name: "V1", version_value: "V1.1.9.23", }, ], }, }, { product_name: "CODESYS SP Realtime NT", version: { version_data: [ { version_affected: "<", version_name: "V2", version_value: "V2.3.7.30", }, ], }, }, { product_name: "CODESYS PLCWinNT", version: { version_data: [ { version_affected: "<", version_name: "V2", version_value: "V2.4.7.57", }, ], }, }, { product_name: "CODESYS Runtime Toolkit 32 bit full", version: { version_data: [ { version_affected: "<", version_name: "V2", version_value: "V2.4.7.57", }, ], }, }, { product_name: "CODESYS Edge Gateway for Windows", version: { version_data: [ { version_affected: "<", version_name: "V3", version_value: "V3.5.18.20", }, ], }, }, { product_name: "CODESYS HMI (SL)", version: { version_data: [ { version_affected: "<", version_name: "V3", version_value: "V3.5.18.20", }, ], }, }, { product_name: "CODESYS OPC DA Server SL", version: { version_data: [ { version_affected: "<", version_name: "V3", version_value: "V3.5.18.20", }, ], }, }, { product_name: "CODESYS PLCHandler", version: { version_data: [ { version_affected: "<", version_name: "V3", version_value: "V3.5.18.20", }, ], }, }, { product_name: "CODESYS Gateway", version: { version_data: [ { version_affected: "<", version_name: "V3", version_value: "V3.5.18.20", }, ], }, }, ], }, vendor_name: "CODESYS", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between clients and servers unprotected.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-523 Unprotected Transport of Credentials", }, ], }, ], }, references: { reference_data: [ { name: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17140&token=6aa2c5c4a8b83b8b09936fefed5b0b11f9d2cc6c&download=", refsource: "CONFIRM", url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17140&token=6aa2c5c4a8b83b8b09936fefed5b0b11f9d2cc6c&download=", }, ], }, source: { defect: [ "CERT@VDE#", "64140", ], discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2022-31805", datePublished: "2022-06-24T07:46:15.076016Z", dateReserved: "2022-05-30T00:00:00", dateUpdated: "2024-09-16T18:55:26.939Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }