Vulnerabilities related to codesys - runtime_system_toolkit
cve-2019-13542
Vulnerability from cvelistv5
Published
2019-09-17 18:56
Modified
2024-08-04 23:57
Severity ?
EPSS score ?
Summary
3S-Smart Software Solutions GmbH CODESYS V3 OPC UA Server, all versions 3.5.11.0 to 3.5.15.0, allows an attacker to send crafted requests from a trusted OPC UA client that cause a NULL pointer dereference, which may trigger a denial-of-service condition.
References
▼ | URL | Tags |
---|---|---|
https://www.us-cert.gov/ics/advisories/icsa-19-255-04 | x_refsource_MISC |
Impacted products
Vendor | Product | Version |
---|---|---|
GmbH | 3S-Smart Software Solutions GmbH CODESYS V3 OPC UA Server | Version: all versions 3.5.11.0 to 3.5.15.0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T23:57:39.459Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.us-cert.gov/ics/advisories/icsa-19-255-04", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "3S-Smart Software Solutions GmbH CODESYS V3 OPC UA Server", vendor: "GmbH", versions: [ { status: "affected", version: "all versions 3.5.11.0 to 3.5.15.0", }, ], }, ], descriptions: [ { lang: "en", value: "3S-Smart Software Solutions GmbH CODESYS V3 OPC UA Server, all versions 3.5.11.0 to 3.5.15.0, allows an attacker to send crafted requests from a trusted OPC UA client that cause a NULL pointer dereference, which may trigger a denial-of-service condition.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "NULL POINTER DEREFERENCE CWE-476", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-09-17T18:56:45", orgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", shortName: "icscert", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.us-cert.gov/ics/advisories/icsa-19-255-04", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "ics-cert@hq.dhs.gov", ID: "CVE-2019-13542", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "3S-Smart Software Solutions GmbH CODESYS V3 OPC UA Server", version: { version_data: [ { version_value: "all versions 3.5.11.0 to 3.5.15.0", }, ], }, }, ], }, vendor_name: "GmbH", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "3S-Smart Software Solutions GmbH CODESYS V3 OPC UA Server, all versions 3.5.11.0 to 3.5.15.0, allows an attacker to send crafted requests from a trusted OPC UA client that cause a NULL pointer dereference, which may trigger a denial-of-service condition.", }, ], }, problemtype: { 
problemtype_data: [ { description: [ { lang: "eng", value: "NULL POINTER DEREFERENCE CWE-476", }, ], }, ], }, references: { reference_data: [ { name: "https://www.us-cert.gov/ics/advisories/icsa-19-255-04", refsource: "MISC", url: "https://www.us-cert.gov/ics/advisories/icsa-19-255-04", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", assignerShortName: "icscert", cveId: "CVE-2019-13542", datePublished: "2019-09-17T18:56:45", dateReserved: "2019-07-11T00:00:00", dateUpdated: "2024-08-04T23:57:39.459Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-25048
Vulnerability from cvelistv5
Published
2023-03-23 10:45
Modified
2025-02-19 21:00
Severity ?
EPSS score ?
Summary
The CODESYS runtime system in multiple versions allows a remote low-privileged attacker to use a path traversal vulnerability to access and modify all system files as well as cause a denial of service (DoS) on the device.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T12:26:39.648Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://customers.codesys.com/fileadmin/data/customers/security/2018/Advisory2018-04_CDS-59017.pdf", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2018-25048", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-19T21:00:23.308028Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-02-19T21:00:29.711Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Control for BeagleBone", vendor: "CODESYS", versions: [ { lessThan: "3.5.12.30", status: "affected", version: "3.0.0.0", versionType: "custom", }, ], }, { defaultStatus: "unaffected", product: " Control for emPC-A/iMX6", vendor: "CODESYS", versions: [ { lessThan: "3.5.12.30", status: "affected", version: "3.0.0.0", versionType: "custom", }, ], }, { defaultStatus: "unaffected", product: "Control for IOT2000", vendor: "CODESYS", versions: [ { lessThan: "3.5.12.30", status: "affected", version: "3.0.0.0", versionType: "custom", }, ], }, { defaultStatus: "unaffected", product: "Control for PFC100", vendor: "CODESYS", versions: [ { lessThan: "3.5.12.30", status: "affected", version: "3.0.0.0", versionType: "custom", }, ], }, { defaultStatus: "unaffected", product: "Control for PFC200", vendor: "CODESYS", versions: [ { lessThan: "3.5.12.30", status: "affected", version: "3.0.0.0", versionType: "custom", }, ], }, { defaultStatus: "unaffected", product: "Control for Raspberry Pi", vendor: "CODESYS", versions: [ { lessThan: "3.5.12.30", status: "affected", version: "3.0.0.0", versionType: "custom", }, ], }, { defaultStatus: "unaffected", 
product: "Control RTE V3 (all variants)", vendor: "CODESYS", versions: [ { lessThan: "3.5.12.30", status: "affected", version: "3.0.0.0", versionType: "custom", }, ], }, { defaultStatus: "unaffected", product: "Control Win V3 (all variants)", vendor: "CODESYS", versions: [ { lessThan: "3.5.12.30", status: "affected", version: "3.0.0.0", versionType: "custom", }, ], }, { defaultStatus: "unaffected", product: "V3 Simulation Runtime (part of the CODESYS Development System)", vendor: "CODESYS", versions: [ { lessThan: "3.5.12.30", status: "affected", version: "3.0.0.0", versionType: "custom", }, ], }, { defaultStatus: "unaffected", product: "HMI V3 (all variants)", vendor: "CODESYS", versions: [ { lessThan: "3.5.12.30", status: "affected", version: "3.0.0.0", versionType: "custom", }, ], }, { defaultStatus: "unaffected", product: "V3 Remote Target Visu (all variants)", vendor: "CODESYS", versions: [ { lessThan: "3.5.12.30", status: "affected", version: "3.0.0.0", versionType: "custom", }, ], }, { defaultStatus: "unaffected", product: "Control V3 Runtime System Toolkit", vendor: "CODESYS", versions: [ { lessThan: "3.5.12.30", status: "affected", version: "3.0.0.0", versionType: "custom", }, ], }, { defaultStatus: "unaffected", product: "V3 Embedded Target Visu Toolkit", vendor: "CODESYS", versions: [ { lessThan: "3.5.12.30", status: "affected", version: "3.0.0.0", versionType: "custom", }, ], }, { defaultStatus: "unaffected", product: "V3 Remote Target Visu Toolkit", vendor: "CODESYS", versions: [ { lessThan: "3.5.12.30", status: "affected", version: "3.0.0.0", versionType: "custom", }, ], }, { defaultStatus: "unaffected", product: "Runtime Toolkit 32 bit embedded", vendor: "CODESYS", versions: [ { lessThan: "2.3.2.10", status: "affected", version: "2.0.0.0", versionType: "custom", }, ], }, { defaultStatus: "unaffected", product: "Runtime Toolkit 32 bit full", vendor: "CODESYS", versions: [ { lessThan: "2.4.7.52", status: "affected", version: "2.0.0.0", versionType: 
"custom", }, ], }, { defaultStatus: "unaffected", product: "Runtime PLCWinNT", vendor: "CODESYS", versions: [ { lessThan: "2.4.7.52", status: "affected", version: "2.0.0.0", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "reporter", user: "00000000-0000-4000-9000-000000000000", value: " Prosoft-Systems Ltd.", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "The CODESYS runtime system in multiple versions allows an remote low privileged attacker to use a path traversal vulnerability to access and modify all system files as well as DoS the device.", }, ], value: "The CODESYS runtime system in multiple versions allows an remote low privileged attacker to use a path traversal vulnerability to access and modify all system files as well as DoS the device.", }, ], impacts: [ { capecId: "CAPEC-126", descriptions: [ { lang: "en", value: "CAPEC-126 Path Traversal", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-23T10:45:36.900Z", orgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", shortName: "CERTVDE", }, references: [ { url: "https://customers.codesys.com/fileadmin/data/customers/security/2018/Advisory2018-04_CDS-59017.pdf", }, ], source: { defect: [ "CERT@VDE#64324", ], discovery: "EXTERNAL", }, title: "Codesys Runtime Improper Limitation of a Pathname", x_generator: { engine: "Vulnogram 0.1.0-dev", 
}, }, }, cveMetadata: { assignerOrgId: "270ccfa6-a436-4e77-922e-914ec3a9685c", assignerShortName: "CERTVDE", cveId: "CVE-2018-25048", datePublished: "2023-03-23T10:45:36.900Z", dateReserved: "2022-12-07T12:06:08.365Z", dateUpdated: "2025-02-19T21:00:29.711Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-9009
Vulnerability from cvelistv5
Published
2019-09-17 15:34
Modified
2024-08-04 21:31
Severity ?
EPSS score ?
Summary
An issue was discovered in 3S-Smart CODESYS before 3.5.15.0. Crafted network packets cause the Control Runtime to crash.
References
▼ | URL | Tags |
---|---|---|
https://www.us-cert.gov/ics/advisories/icsa-19-255-05 | x_refsource_MISC | |
https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=12941&token=50fabe3870c7bdc41701eb1799dddeec103de40c&download= | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T21:31:37.644Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.us-cert.gov/ics/advisories/icsa-19-255-05", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=12941&token=50fabe3870c7bdc41701eb1799dddeec103de40c&download=", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in 3S-Smart CODESYS before 3.5.15.0 . Crafted network packets cause the Control Runtime to crash.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-03-11T11:23:45", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.us-cert.gov/ics/advisories/icsa-19-255-05", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=12941&token=50fabe3870c7bdc41701eb1799dddeec103de40c&download=", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-9009", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in 3S-Smart CODESYS before 3.5.15.0 . 
Crafted network packets cause the Control Runtime to crash.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.us-cert.gov/ics/advisories/icsa-19-255-05", refsource: "MISC", url: "https://www.us-cert.gov/ics/advisories/icsa-19-255-05", }, { name: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=12941&token=50fabe3870c7bdc41701eb1799dddeec103de40c&download=", refsource: "CONFIRM", url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=12941&token=50fabe3870c7bdc41701eb1799dddeec103de40c&download=", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-9009", datePublished: "2019-09-17T15:34:42", dateReserved: "2019-02-22T00:00:00", dateUpdated: "2024-08-04T21:31:37.644Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2019-09-17 16:15
Modified
2024-11-21 04:50
Severity ?
Summary
An issue was discovered in 3S-Smart CODESYS before 3.5.15.0. Crafted network packets cause the Control Runtime to crash.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=12941&token=50fabe3870c7bdc41701eb1799dddeec103de40c&download= | Vendor Advisory | |
cve@mitre.org | https://www.us-cert.gov/ics/advisories/icsa-19-255-05 | Mitigation, Third Party Advisory, US Government Resource | |
af854a3a-2127-422b-91ae-364da2661108 | https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=12941&token=50fabe3870c7bdc41701eb1799dddeec103de40c&download= | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/icsa-19-255-05 | Mitigation, Third Party Advisory, US Government Resource |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
codesys | control_for_beaglebone | * | |
codesys | control_for_empc-a\/imx6 | * | |
codesys | control_for_iot2000 | * | |
codesys | control_for_pfc100 | * | |
codesys | control_for_pfc200 | * | |
codesys | control_for_raspberry_pi | * | |
codesys | control_rte | * | |
codesys | control_win | * | |
codesys | gateway | * | |
codesys | hmi | * | |
codesys | linux | * | |
codesys | runtime_system_toolkit | * | |
codesys | safety_sil2 | * | |
codesys | simulation_runtime | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:codesys:control_for_beaglebone:*:*:*:*:*:*:*:*", matchCriteriaId: "958821C8-142A-4B67-857B-63A6AD53E1B8", versionEndExcluding: "3.5.15.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6:*:*:*:*:*:*:*:*", matchCriteriaId: "B9940444-8CFD-4044-8662-FDC11E93E6E4", versionEndExcluding: "3.5.15.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_iot2000:*:*:*:*:*:*:*:*", matchCriteriaId: "805D48DF-DA8F-40AB-B7AE-B2F0A75616E9", versionEndExcluding: "3.5.15.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc100:*:*:*:*:*:*:*:*", matchCriteriaId: "EAEAC81A-4FFA-4692-961D-7DF58E2B0CDE", versionEndExcluding: "3.5.15.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc200:*:*:*:*:*:*:*:*", matchCriteriaId: "2506A775-D1FB-4C2F-98EC-B781AA19E340", versionEndExcluding: "3.5.15.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi:*:*:*:*:*:*:*:*", matchCriteriaId: "963C9351-B167-4C1F-914E-A7009A532A0F", versionEndExcluding: "3.5.15.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_rte:*:*:*:*:*:*:*:*", matchCriteriaId: "0A5F978B-5245-41D9-B11C-B27703A2A090", versionEndExcluding: "3.5.15.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_win:*:*:*:*:*:*:*:*", matchCriteriaId: "1429532E-76A8-4987-B916-AA3FD7C37E06", versionEndExcluding: "3.5.15.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "563FD9B0-D6F5-4A4C-A43D-555C2DC60DD4", versionEndExcluding: "3.5.15.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*", matchCriteriaId: "ABFC0D89-BD79-4032-B0CA-08C4F8EA1776", versionEndExcluding: "3.5.15.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:linux:*:*:*:*:*:*:*:*", matchCriteriaId: "4A2B09D6-8FD2-46FA-A1B2-55B7E996D71B", versionEndExcluding: "3.5.15.0", vulnerable: true, }, { criteria: 
"cpe:2.3:a:codesys:runtime_system_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "417EFF04-1584-44C3-8AD9-593174089A31", versionEndExcluding: "3.5.15.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:safety_sil2:*:*:*:*:*:*:*:*", matchCriteriaId: "139851DD-0E16-4C8D-AA55-0231B2C443A7", versionEndExcluding: "3.5.15.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:simulation_runtime:*:*:*:*:*:*:*:*", matchCriteriaId: "3FB11CE8-8B22-4D2D-A0A9-4D23C30A3FF5", versionEndExcluding: "3.5.15.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in 3S-Smart CODESYS before 3.5.15.0 . Crafted network packets cause the Control Runtime to crash.", }, { lang: "es", value: "Se descubrió un problema en 3S-Smart CODESYS versiones anteriores a 3.5.15.0. Unos paquetes de red diseñados causan que el Control Runtime se bloquee.", }, ], id: "CVE-2019-9009", lastModified: "2024-11-21T04:50:48.197", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: 
"2019-09-17T16:15:11.077", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=12941&token=50fabe3870c7bdc41701eb1799dddeec103de40c&download=", }, { source: "cve@mitre.org", tags: [ "Mitigation", "Third Party Advisory", "US Government Resource", ], url: "https://www.us-cert.gov/ics/advisories/icsa-19-255-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=12941&token=50fabe3870c7bdc41701eb1799dddeec103de40c&download=", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Third Party Advisory", "US Government Resource", ], url: "https://www.us-cert.gov/ics/advisories/icsa-19-255-05", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-755", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-09-17 19:15
Modified
2024-11-21 04:25
Severity ?
Summary
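3S-Smart Software Solutions GmbH CODESYS V3 OPC UA Server, all versions 3.5.11.0 to 3.5.15.0, allows an attacker to send crafted requests from a trusted OPC UA client that cause a NULL pointer dereference, which may trigger a denial-of-service condition.
Note: the product table below shows "*" for every version, but the NVD configuration data in this record bounds each entry with versionStartIncluding 3.5.11.0 and versionEndExcluding 3.5.15.0, so 3.5.15.0 itself is not matched by the CPE criteria. The description's "3.5.11.0 to 3.5.15.0" does not say whether the upper bound is inclusive; confirm the fixed version against the referenced advisory before relying on either reading.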
References
▼ | URL | Tags | |
---|---|---|---|
ics-cert@hq.dhs.gov | https://www.us-cert.gov/ics/advisories/icsa-19-255-04 | Third Party Advisory, US Government Resource | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.us-cert.gov/ics/advisories/icsa-19-255-04 | Third Party Advisory, US Government Resource |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
codesys | control_for_beaglebone | * | |
codesys | control_for_empc-a\/imx6 | * | |
codesys | control_for_iot2000 | * | |
codesys | control_for_pfc100 | * | |
codesys | control_for_pfc200 | * | |
codesys | control_for_raspberry_pi | * | |
codesys | control_rte | * | |
codesys | control_win | * | |
codesys | linux | * | |
codesys | runtime_system_toolkit | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:codesys:control_for_beaglebone:*:*:*:*:*:*:*:*", matchCriteriaId: "71439C06-3F84-4AC4-AC41-4E0AB9AC210C", versionEndExcluding: "3.5.15.0", versionStartIncluding: "3.5.11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6:*:*:*:*:*:*:*:*", matchCriteriaId: "11BD175F-8CBB-45A0-870D-E56E6B57FBB2", versionEndExcluding: "3.5.15.0", versionStartIncluding: "3.5.11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_iot2000:*:*:*:*:*:*:*:*", matchCriteriaId: "2EA5147D-D5AB-4352-95EE-0D90C80781B5", versionEndExcluding: "3.5.15.0", versionStartIncluding: "3.5.11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc100:*:*:*:*:*:*:*:*", matchCriteriaId: "45DBEFC0-1336-4170-8EA7-A6871AC505CD", versionEndExcluding: "3.5.15.0", versionStartIncluding: "3.5.11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc200:*:*:*:*:*:*:*:*", matchCriteriaId: "1C5F1F99-93B3-4F16-B864-023F956601FF", versionEndExcluding: "3.5.15.0", versionStartIncluding: "3.5.11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi:*:*:*:*:*:*:*:*", matchCriteriaId: "2AF22400-3C26-4D90-AC04-FCAC171EE435", versionEndExcluding: "3.5.15.0", versionStartIncluding: "3.5.11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_rte:*:*:*:*:*:*:*:*", matchCriteriaId: "67E16675-C26E-43C4-9140-CCA4E466C693", versionEndExcluding: "3.5.15.0", versionStartIncluding: "3.5.11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_win:*:*:*:*:*:*:*:*", matchCriteriaId: "E32E1F58-72F8-410B-A8C3-7E8DEA67D4A3", versionEndExcluding: "3.5.15.0", versionStartIncluding: "3.5.11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:linux:*:*:*:*:*:*:*:*", matchCriteriaId: "40343F22-A7DB-4EFF-A58C-957128A7AC96", versionEndExcluding: "3.5.15.0", versionStartIncluding: "3.5.11.0", vulnerable: true, }, { criteria: 
"cpe:2.3:a:codesys:runtime_system_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "CC74338D-F093-4D49-B56D-3EF17232F98A", versionEndExcluding: "3.5.15.0", versionStartIncluding: "3.5.11.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "3S-Smart Software Solutions GmbH CODESYS V3 OPC UA Server, all versions 3.5.11.0 to 3.5.15.0, allows an attacker to send crafted requests from a trusted OPC UA client that cause a NULL pointer dereference, which may trigger a denial-of-service condition.", }, { lang: "es", value: "3S-Smart Software Solutions GmbH CODESYS V3 OPC UA Server, todas las versiones desde 3.5.11.0 hasta 3.5.15.0, permite a un atacante enviar peticiones diseñadas desde un cliente OPC UA confiable que causa una desreferencia del puntero NULL, lo que puede desencadenar una condición de denegación de servicio.", }, ], id: "CVE-2019-13542", lastModified: "2024-11-21T04:25:06.737", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-09-17T19:15:10.757", references: [ { 
source: "ics-cert@hq.dhs.gov", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.us-cert.gov/ics/advisories/icsa-19-255-04", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.us-cert.gov/ics/advisories/icsa-19-255-04", }, ], sourceIdentifier: "ics-cert@hq.dhs.gov", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "ics-cert@hq.dhs.gov", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-03-23 11:15
Modified
2024-11-21 04:03
Severity ?
Summary
The CODESYS runtime system in multiple versions allows a remote low-privileged attacker to use a path traversal vulnerability to access and modify all system files as well as cause a denial of service (DoS) on the device.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
codesys | control_for_beaglebone | * | |
codesys | control_for_empc-a\/imx6 | * | |
codesys | control_for_iot2000 | * | |
codesys | control_for_pfc100 | * | |
codesys | control_for_pfc200 | * | |
codesys | control_for_raspberry_pi | * | |
codesys | control_rte | * | |
codesys | control_v3_runtime_system_toolkit | * | |
codesys | control_win | * | |
codesys | embedded_target_visu_toolkit | * | |
codesys | hmi | * | |
codesys | remote_target_visu_toolkit | * | |
codesys | runtime_plcwinnt | * | |
codesys | runtime_system_toolkit | * | |
codesys | runtime_system_toolkit | 3.5.15.0 | |
codesys | simulation_runtime | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:codesys:control_for_beaglebone:*:*:*:*:*:*:*:*", matchCriteriaId: "B29080C3-A6D8-40D6-8C24-177C00FA27F0", versionEndExcluding: "3.5.12.30", versionStartIncluding: "3.0.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_empc-a\\/imx6:*:*:*:*:*:*:*:*", matchCriteriaId: "B980C936-557F-4F14-A692-165129625A62", versionEndExcluding: "3.5.12.30", versionStartIncluding: "3.0.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_iot2000:*:*:*:*:*:*:*:*", matchCriteriaId: "D282ECAB-FA07-4A81-8F43-AC46A08422D4", versionEndExcluding: "3.5.12.30", versionStartIncluding: "3.0.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc100:*:*:*:*:*:*:*:*", matchCriteriaId: "AC1C508C-6817-42E7-9B4C-CDCAC7477304", versionEndExcluding: "3.5.12.30", versionStartIncluding: "3.0.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_pfc200:*:*:*:*:*:*:*:*", matchCriteriaId: "C1ECCA6D-3F95-4924-9CC6-7315B1608217", versionEndExcluding: "3.5.12.30", versionStartIncluding: "3.0.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_for_raspberry_pi:*:*:*:*:*:*:*:*", matchCriteriaId: "093C888E-8328-45E9-882C-39D7FBE8E251", versionEndExcluding: "3.5.12.30", versionStartIncluding: "3.0.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_rte:*:*:*:*:*:*:*:*", matchCriteriaId: "4E767B6C-7762-4F3C-A8B0-BEC9C1C238D8", versionEndExcluding: "3.5.12.30", versionStartIncluding: "3.0.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_v3_runtime_system_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "2DDCE092-30E5-43FB-A20F-A712DFD7B1C3", versionEndExcluding: "3.5.12.30", versionStartIncluding: "3.0.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:control_win:*:*:*:*:*:*:*:*", matchCriteriaId: "A47EA342-7BDA-4707-9A23-142126C407C1", versionEndExcluding: "3.5.12.30", versionStartIncluding: "3.0.0.0", vulnerable: true, }, { 
criteria: "cpe:2.3:a:codesys:embedded_target_visu_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "A0FE0CC3-99BF-46BF-907D-E8F2785310BB", versionEndExcluding: "3.5.12.30", versionStartIncluding: "3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*", matchCriteriaId: "157E617E-7432-464A-AEC4-29D3806FA2D2", versionEndExcluding: "3.5.12.30", versionStartIncluding: "3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:remote_target_visu_toolkit:*:*:*:*:*:*:*:*", matchCriteriaId: "D95B012B-C9B0-4E2A-934B-3ECDE463722E", versionEndExcluding: "3.5.12.30", versionStartIncluding: "3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:runtime_plcwinnt:*:*:*:*:*:*:*:*", matchCriteriaId: "8931A117-72B6-4B1C-BF56-E7925D07A790", versionEndExcluding: "2.4.7.52", versionStartIncluding: "2.0.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:runtime_system_toolkit:*:*:*:*:*:*:x86:*", matchCriteriaId: "46335A20-A1BF-4E5B-BB1D-B7A4AFF6DB08", versionEndExcluding: "2.4.7.52", versionStartIncluding: "2.0.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:runtime_system_toolkit:3.5.15.0:*:*:*:*:*:*:*", matchCriteriaId: "7A3A8DFF-705F-4562-87CE-E899C5DC2D18", vulnerable: true, }, { criteria: "cpe:2.3:a:codesys:simulation_runtime:*:*:*:*:*:*:*:*", matchCriteriaId: "9DD3AD40-BEE7-428D-B1F0-1349E10A9DD5", versionEndExcluding: "3.5.12.30", versionStartIncluding: "3.0.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The CODESYS runtime system in multiple versions allows an remote low privileged attacker to use a path traversal vulnerability to access and modify all system files as well as DoS the device.", }, ], id: "CVE-2018-25048", lastModified: "2024-11-21T04:03:26.283", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: 
"HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "info@cert.vde.com", type: "Primary", }, ], }, published: "2023-03-23T11:15:12.730", references: [ { source: "info@cert.vde.com", tags: [ "Not Applicable", ], url: "https://customers.codesys.com/fileadmin/data/customers/security/2018/Advisory2018-04_CDS-59017.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", ], url: "https://customers.codesys.com/fileadmin/data/customers/security/2018/Advisory2018-04_CDS-59017.pdf", }, ], sourceIdentifier: "info@cert.vde.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "info@cert.vde.com", type: "Primary", }, ], }