All the vulnerabilites related to CODESYS - Development System V3
cve-2022-4224
Vulnerability from cvelistv5
Published
2023-03-23 11:15
Modified
2024-08-03 01:34
Severity ?
EPSS score ?
Summary
CODESYS: Exposure of Resource to Wrong Sphere in CODESYS V3
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:34:49.591Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17553\u0026token=cf49757d232ea8021f0c0dd6c65e71ea5942b12d\u0026download="
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Control RTE (SL) ",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.19.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Control RTE (for Beckhoff CX) SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.19.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Control Win (SL)",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.19.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": " Runtime Toolkit ",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.19.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Safety SIL2 Runtime Toolkit",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.19.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Safety SIL2 PSP",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.19.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "HMI (SL) ",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.19.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Development System V3",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.19.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": " Control for BeagleBone SL ",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.8.0.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Control for emPC-A/iMX6 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.8.0.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Control for IOT2000 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.8.0.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Control for Linux SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.8.0.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": " Control for PFC100 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.8.0.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": " Control for PFC200 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.8.0.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Control for PLCnext SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.8.0.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Control for Raspberry Pi SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.8.0.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Control for WAGO Touch Panels 600 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.8.0.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Franklin Zhao from ELEX FEIGONG RESEARCH INSTITUTE of Elex CyberSecurity"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Reid Wightman of Dragos"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In multiple products of CODESYS v3 in multiple versions a remote low privileged user\u0026nbsp;could utilize this vulnerability to read and modify system files and OS resources or DoS the device."
}
],
"value": "In multiple products of CODESYS v3 in multiple versions a remote low privileged user\u00a0could utilize this vulnerability to read and modify system files and OS resources or DoS the device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1188",
"description": "CWE-1188 Insecure Default Initialization of Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-09T10:47:13.144Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17553\u0026token=cf49757d232ea8021f0c0dd6c65e71ea5942b12d\u0026download="
}
],
"source": {
"defect": [
"CERT@VDE#64318"
],
"discovery": "EXTERNAL"
},
"title": "CODESYS: Exposure of Resource to Wrong Sphere in CODESYS V3",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2022-4224",
"datePublished": "2023-03-23T11:15:37.014Z",
"dateReserved": "2022-11-30T06:54:13.183Z",
"dateUpdated": "2024-08-03T01:34:49.591Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
var-201902-0732
Vulnerability from variot
Improper Communication Address Filtering exists in CODESYS V3 products versions prior V3.5.14.0. CODESYS V3 The product contains vulnerabilities related to security functions.Information may be obtained. 3S-Smart CODESYS Control for BeagleBone, etc. are all German 3S-Smart Software Solutions company's programming software for industrial control system development.
A security vulnerability exists in several 3S-Smart Software Solutions products, which stems from programs that do not properly restrict communication channels. An attacker could use this vulnerability to impersonate the source of a communication packet. The following products are affected: 3S-Smart CODESYS Control for BeagleBone, CODESYS Control for emPC-A / iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control for PFC100, CODESYS Control for PFC200, CODESYS Control for Raspberry Pi, CODESYS Control RTE V3, CODESYS Control RTE V3 (for Beckhoff CX), CODESYS Control Win V3 (part of CODESYS Development System setup), CODESYS Control V3 Runtime System Toolkit, CODESYS V3 Embedded Target Visu Toolkit, CODESYS V3 Remote Target Visu Toolkit, CODESYS V3 Safety SIL2, CODESYS Gateway V3, CODESYS HMI V3, CODESYS OPC Server V3, CODESYS PLCHandler SDK, CODESYS V3 Development System, CODESYS V3 Simulation Runtime (part of CODESYS Development System). 3S-Smart Software CODESYS is prone to the following security vulnerabilities: 1. An insecure random number generator weakness 3. A spoofing vulnerability An attacker can exploit these vulnerabilities to bypass security restrictions and perform certain unauthorized actions and to insert and display spoofed content. Other attacks are also possible
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201902-0732",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "codesys control rte v3",
"scope": null,
"trust": 1.6,
"vendor": "3s smart",
"version": null
},
{
"model": "control for empc-a\\/imx6 sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.0"
},
{
"model": "control for raspberry pi sl",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.0"
},
{
"model": "control for linux sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.0"
},
{
"model": "control runtime toolkit",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.0"
},
{
"model": "control rte sl \\",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.0"
},
{
"model": "development system v3",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.0"
},
{
"model": "control win sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.0"
},
{
"model": "control for iot2000 sl",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.0"
},
{
"model": "safety sil2",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.0"
},
{
"model": "control for beaglebone sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.0"
},
{
"model": "gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.0"
},
{
"model": "control rte sl",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.0"
},
{
"model": "plchandler",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.0"
},
{
"model": "opc server",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.0"
},
{
"model": "control for pfc200 sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.0"
},
{
"model": "control runtime toolkit",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.0"
},
{
"model": "control for iot2000 sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.0"
},
{
"model": "control for linux sl",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.0"
},
{
"model": "control for pfc100 sl",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.0"
},
{
"model": "control for raspberry pi sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.0"
},
{
"model": "control for pfc200 sl",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.0"
},
{
"model": "targetvisu sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.0"
},
{
"model": "hmi sl",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.0"
},
{
"model": "targetvisu sl",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.0"
},
{
"model": "control for beaglebone sl",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.0"
},
{
"model": "control rte sl \\",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.0"
},
{
"model": "control win sl",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.0"
},
{
"model": "development system v3",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.0"
},
{
"model": "control for empc-a\\/imx6 sl",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.0"
},
{
"model": "control for pfc100 sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.0"
},
{
"model": "gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.0"
},
{
"model": "opc server",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.0"
},
{
"model": "safety sil2",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.0"
},
{
"model": "plchandler",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.0"
},
{
"model": "control rte sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.0"
},
{
"model": "hmi sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.0"
},
{
"model": "codesys control for beaglebone",
"scope": null,
"trust": 0.8,
"vendor": "3s smart",
"version": null
},
{
"model": "codesys control for empc-a/imx6",
"scope": null,
"trust": 0.8,
"vendor": "3s smart",
"version": null
},
{
"model": "codesys control for iot2000",
"scope": null,
"trust": 0.8,
"vendor": "3s smart",
"version": null
},
{
"model": "codesys control for linux",
"scope": null,
"trust": 0.8,
"vendor": "3s smart",
"version": null
},
{
"model": "codesys control for pfc100",
"scope": null,
"trust": 0.8,
"vendor": "3s smart",
"version": null
},
{
"model": "codesys control for pfc200",
"scope": null,
"trust": 0.8,
"vendor": "3s smart",
"version": null
},
{
"model": "codesys control for raspberry pi",
"scope": null,
"trust": 0.8,
"vendor": "3s smart",
"version": null
},
{
"model": "codesys control runtime system toolkit",
"scope": null,
"trust": 0.8,
"vendor": "3s smart",
"version": null
},
{
"model": "codesys simulation runtime",
"scope": "eq",
"trust": 0.3,
"vendor": "3s",
"version": "v30"
},
{
"model": "codesys safety sil2",
"scope": "eq",
"trust": 0.3,
"vendor": "3s",
"version": "v30"
},
{
"model": "codesys remote target visu toolkit",
"scope": "eq",
"trust": 0.3,
"vendor": "3s",
"version": "v30"
},
{
"model": "codesys embedded target visu toolkit",
"scope": "eq",
"trust": 0.3,
"vendor": "3s",
"version": "v30"
},
{
"model": "codesys development system",
"scope": "eq",
"trust": 0.3,
"vendor": "3s",
"version": "v30"
},
{
"model": "codesys plchandler sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "3s",
"version": "0"
},
{
"model": "codesys opc server",
"scope": "eq",
"trust": 0.3,
"vendor": "3s",
"version": "v30"
},
{
"model": "codesys hmi",
"scope": "eq",
"trust": 0.3,
"vendor": "3s",
"version": "3"
},
{
"model": "codesys control win",
"scope": "eq",
"trust": 0.3,
"vendor": "3s",
"version": "v30"
},
{
"model": "codesys control runtime system toolkit",
"scope": "eq",
"trust": 0.3,
"vendor": "3s",
"version": "v30"
},
{
"model": "codesys control rte",
"scope": "eq",
"trust": 0.3,
"vendor": "3s",
"version": "3"
},
{
"model": "codesys control for raspberry pi",
"scope": "eq",
"trust": 0.3,
"vendor": "3s",
"version": "0"
},
{
"model": "codesys control for pfc200",
"scope": "eq",
"trust": 0.3,
"vendor": "3s",
"version": "0"
},
{
"model": "codesys control for pfc100",
"scope": "eq",
"trust": 0.3,
"vendor": "3s",
"version": "0"
},
{
"model": "codesys control for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "3s",
"version": "0"
},
{
"model": "codesys control for iot2000",
"scope": "eq",
"trust": 0.3,
"vendor": "3s",
"version": "0"
},
{
"model": "codesys control for empc-a/imx6",
"scope": "eq",
"trust": 0.3,
"vendor": "3s",
"version": "0"
},
{
"model": "codesys control for beaglebone",
"scope": "eq",
"trust": 0.3,
"vendor": "3s",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "106251"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014638"
},
{
"db": "NVD",
"id": "CVE-2018-20026"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.14.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.14.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.14.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.14.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.14.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.14.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.14.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.14.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.14.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.14.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:codesys:control_runtime_toolkit:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.14.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:codesys:safety_sil2:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.14.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:codesys:hmi_sl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.14.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:codesys:gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.14.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.14.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:codesys:plchandler:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.14.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:codesys:opc_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.14.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:codesys:targetvisu_sl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.14.0",
"versionStartIncluding": "3.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-20026"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alexander Nochvay from Kaspersky Lab",
"sources": [
{
"db": "BID",
"id": "106251"
}
],
"trust": 0.3
},
"cve": "CVE-2018-20026",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-20026",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-130791",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-20026",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-20026",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201812-787",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-130791",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-130791"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014638"
},
{
"db": "NVD",
"id": "CVE-2018-20026"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-787"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Improper Communication Address Filtering exists in CODESYS V3 products versions prior V3.5.14.0. CODESYS V3 The product contains vulnerabilities related to security functions.Information may be obtained. 3S-Smart CODESYS Control for BeagleBone, etc. are all German 3S-Smart Software Solutions company\u0027s programming software for industrial control system development. \n\nA security vulnerability exists in several 3S-Smart Software Solutions products, which stems from programs that do not properly restrict communication channels. An attacker could use this vulnerability to impersonate the source of a communication packet. The following products are affected: 3S-Smart CODESYS Control for BeagleBone, CODESYS Control for emPC-A / iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control for PFC100, CODESYS Control for PFC200, CODESYS Control for Raspberry Pi, CODESYS Control RTE V3, CODESYS Control RTE V3 (for Beckhoff CX), CODESYS Control Win V3 (part of CODESYS Development System setup), CODESYS Control V3 Runtime System Toolkit, CODESYS V3 Embedded Target Visu Toolkit, CODESYS V3 Remote Target Visu Toolkit, CODESYS V3 Safety SIL2, CODESYS Gateway V3, CODESYS HMI V3, CODESYS OPC Server V3, CODESYS PLCHandler SDK, CODESYS V3 Development System, CODESYS V3 Simulation Runtime (part of CODESYS Development System). 3S-Smart Software CODESYS is prone to the following security vulnerabilities:\n1. An insecure random number generator weakness\n3. A spoofing vulnerability\nAn attacker can exploit these vulnerabilities to bypass security restrictions and perform certain unauthorized actions and to insert and display spoofed content. Other attacks are also possible",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-20026"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014638"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-787"
},
{
"db": "BID",
"id": "106251"
},
{
"db": "VULHUB",
"id": "VHN-130791"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-20026",
"trust": 2.8
},
{
"db": "ICS CERT",
"id": "ICSA-18-352-04",
"trust": 2.8
},
{
"db": "BID",
"id": "106251",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014638",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201812-787",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-130791",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-130791"
},
{
"db": "BID",
"id": "106251"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014638"
},
{
"db": "NVD",
"id": "CVE-2018-20026"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-787"
}
]
},
"id": "VAR-201902-0732",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-130791"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:33:33.639000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.codesys.com/"
},
{
"title": "Multiple 3S-Smart Software Solutions Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=87985"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-014638"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-787"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-254",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-130791"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014638"
},
{
"db": "NVD",
"id": "CVE-2018-20026"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-036-codesys-control-v3-improper-communication-address-filtering/"
},
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/106251"
},
{
"trust": 2.0,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-352-04"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-20026"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-20026"
},
{
"trust": 0.8,
"url": "https://www.us-cert.gov/ics/advisories/icsa-18-352-04"
},
{
"trust": 0.3,
"url": "https://www.codesys.com/"
},
{
"trust": 0.3,
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-037-codesys-control-v3-use-of-insufficiently-random-values/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-130791"
},
{
"db": "BID",
"id": "106251"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014638"
},
{
"db": "NVD",
"id": "CVE-2018-20026"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-787"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-130791"
},
{
"db": "BID",
"id": "106251"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014638"
},
{
"db": "NVD",
"id": "CVE-2018-20026"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-787"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-02-19T00:00:00",
"db": "VULHUB",
"id": "VHN-130791"
},
{
"date": "2018-12-18T00:00:00",
"db": "BID",
"id": "106251"
},
{
"date": "2019-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-014638"
},
{
"date": "2019-02-19T21:29:00.290000",
"db": "NVD",
"id": "CVE-2018-20026"
},
{
"date": "2018-12-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-787"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-130791"
},
{
"date": "2018-12-18T00:00:00",
"db": "BID",
"id": "106251"
},
{
"date": "2019-07-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-014638"
},
{
"date": "2023-03-29T18:40:10.533000",
"db": "NVD",
"id": "CVE-2018-20026"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-787"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-787"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CODESYS V3 Vulnerabilities related to security functions in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-014638"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "security feature problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-787"
}
],
"trust": 0.6
}
}
var-201901-0452
Vulnerability from variot
In 3S-Smart Software Solutions GmbH CODESYS Control V3 products prior to version 3.5.14.0, user access management and communication encryption is not enabled by default, which could allow an attacker access to the device and sensitive information, including user credentials. 3S-Smart CODESYS Control for BeagleBone, etc. are all German 3S-Smart Software Solutions company's programming software for industrial control system development. The following products and versions are affected: 3S-Smart CODESYS Control for BeagleBone, CODESYS Control for emPC-A / iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control for PFC100, CODESYS Control for PFC200, CODESYS Control for Raspberry Pi, CODESYS Control RTE V3, CODESYS Control RTE V3 (for Beckhoff CX), CODESYS Control Win V3 (part of CODESYS setup), CODESYS V3 Simulation Runtime (part of CODESYS Development System), CODESYS Control V3 Runtime System Toolkit, CODESYS HMI V3. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. Successful exploitation may aid in launching further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201901-0452",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "control for empc-a\\/imx6 sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.0"
},
{
"model": "control for raspberry pi sl",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.0"
},
{
"model": "control for linux sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.0"
},
{
"model": "control runtime toolkit",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.0"
},
{
"model": "development system v3",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.0"
},
{
"model": "control win sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.0"
},
{
"model": "control for iot2000 sl",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.0"
},
{
"model": "control for beaglebone sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.0"
},
{
"model": "control rte sl",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.0"
},
{
"model": "control for pfc200 sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.0"
},
{
"model": "control runtime toolkit",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.0"
},
{
"model": "control for iot2000 sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.0"
},
{
"model": "control for linux sl",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.0"
},
{
"model": "control for pfc100 sl",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.0"
},
{
"model": "control for raspberry pi sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.0"
},
{
"model": "control for pfc200 sl",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.0"
},
{
"model": "hmi sl",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.0"
},
{
"model": "control for beaglebone sl",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.0"
},
{
"model": "development system v3",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.0"
},
{
"model": "control win sl",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.0"
},
{
"model": "control for empc-a\\/imx6 sl",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.0"
},
{
"model": "control for pfc100 sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.0"
},
{
"model": "control rte sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.0"
},
{
"model": "hmi sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.0"
},
{
"model": "codesys control for beaglebone",
"scope": "lt",
"trust": 0.8,
"vendor": "3s smart",
"version": "3.5.14.0"
},
{
"model": "codesys control for empc-a/imx6",
"scope": "lt",
"trust": 0.8,
"vendor": "3s smart",
"version": "3.5.14.0"
},
{
"model": "codesys control for iot2000",
"scope": "lt",
"trust": 0.8,
"vendor": "3s smart",
"version": "3.5.14.0"
},
{
"model": "codesys control for linux",
"scope": "lt",
"trust": 0.8,
"vendor": "3s smart",
"version": "3.5.14.0"
},
{
"model": "codesys control for pfc100",
"scope": "lt",
"trust": 0.8,
"vendor": "3s smart",
"version": "3.5.14.0"
},
{
"model": "codesys control for pfc200",
"scope": "lt",
"trust": 0.8,
"vendor": "3s smart",
"version": "3.5.14.0"
},
{
"model": "codesys control for raspberry pi",
"scope": "lt",
"trust": 0.8,
"vendor": "3s smart",
"version": "3.5.14.0"
},
{
"model": "codesys control rte v3",
"scope": "lt",
"trust": 0.8,
"vendor": "3s smart",
"version": "3.5.14.0"
},
{
"model": "codesys control runtime toolkit",
"scope": "lt",
"trust": 0.8,
"vendor": "3s smart",
"version": "3.5.14.0"
},
{
"model": "codesys control win sl",
"scope": "lt",
"trust": 0.8,
"vendor": "3s smart",
"version": "3.5.14.0"
},
{
"model": "codesys simulation runtime",
"scope": "eq",
"trust": 0.3,
"vendor": "3s",
"version": "v30"
},
{
"model": "codesys hmi",
"scope": "eq",
"trust": 0.3,
"vendor": "3s",
"version": "3"
},
{
"model": "codesys control runtime system toolkit",
"scope": "eq",
"trust": 0.3,
"vendor": "3s",
"version": "v30"
},
{
"model": "codesys control rte",
"scope": "eq",
"trust": 0.3,
"vendor": "3s",
"version": "3"
},
{
"model": "codesys control for raspberry pi",
"scope": "eq",
"trust": 0.3,
"vendor": "3s",
"version": "0"
},
{
"model": "codesys control for pfc200",
"scope": "eq",
"trust": 0.3,
"vendor": "3s",
"version": "0"
},
{
"model": "codesys control for pfc100",
"scope": "eq",
"trust": 0.3,
"vendor": "3s",
"version": "0"
},
{
"model": "codesys control for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "3s",
"version": "0"
},
{
"model": "codesys control for iot2000",
"scope": "eq",
"trust": 0.3,
"vendor": "3s",
"version": "0"
},
{
"model": "codesys control for empc-a/imx6",
"scope": "eq",
"trust": 0.3,
"vendor": "3s",
"version": "0"
},
{
"model": "codesys control for beaglebone",
"scope": "eq",
"trust": 0.3,
"vendor": "3s",
"version": "0"
},
{
"model": "codesys control",
"scope": "ne",
"trust": 0.3,
"vendor": "3s",
"version": "v33.5.14.0"
}
],
"sources": [
{
"db": "BID",
"id": "106248"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014602"
},
{
"db": "NVD",
"id": "CVE-2018-10612"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.14.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:codesys:development_system_v3:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.14.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:codesys:hmi_sl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.14.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.14.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:codesys:control_runtime_toolkit:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.14.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.14.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.14.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.14.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.14.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.14.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.14.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.14.0",
"versionStartIncluding": "3.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-10612"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Yury Serdyuk of Kaspersky Lab",
"sources": [
{
"db": "BID",
"id": "106248"
}
],
"trust": 0.3
},
"cve": "CVE-2018-10612",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2018-10612",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-10612",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-10612",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201812-788",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2018-10612",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-10612"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014602"
},
{
"db": "NVD",
"id": "CVE-2018-10612"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-788"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In 3S-Smart Software Solutions GmbH CODESYS Control V3 products prior to version 3.5.14.0, user access management and communication encryption is not enabled by default, which could allow an attacker access to the device and sensitive information, including user credentials. 3S-Smart CODESYS Control for BeagleBone, etc. are all German 3S-Smart Software Solutions company\u0027s programming software for industrial control system development. The following products and versions are affected: 3S-Smart CODESYS Control for BeagleBone, CODESYS Control for emPC-A / iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control for PFC100, CODESYS Control for PFC200, CODESYS Control for Raspberry Pi, CODESYS Control RTE V3, CODESYS Control RTE V3 (for Beckhoff CX), CODESYS Control Win V3 (part of CODESYS setup), CODESYS V3 Simulation Runtime (part of CODESYS Development System), CODESYS Control V3 Runtime System Toolkit, CODESYS HMI V3. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. Successful exploitation may aid in launching further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-10612"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014602"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-788"
},
{
"db": "BID",
"id": "106248"
},
{
"db": "VULMON",
"id": "CVE-2018-10612"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "ICS CERT",
"id": "ICSA-18-352-03",
"trust": 2.8
},
{
"db": "NVD",
"id": "CVE-2018-10612",
"trust": 2.8
},
{
"db": "BID",
"id": "106248",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014602",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201812-788",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2018-10612",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-10612"
},
{
"db": "BID",
"id": "106248"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014602"
},
{
"db": "NVD",
"id": "CVE-2018-10612"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-788"
}
]
},
"id": "VAR-201901-0452",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.24064171
},
"last_update_date": "2023-12-18T13:48:03.069000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.codesys.com/"
},
{
"title": "Multiple 3S-Smart Software Solutions Product access control error vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=87999"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-014602"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-788"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-311",
"trust": 1.0
},
{
"problemtype": "CWE-732",
"trust": 1.0
},
{
"problemtype": "CWE-284",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-014602"
},
{
"db": "NVD",
"id": "CVE-2018-10612"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-352-03"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/106248"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-10612"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10612"
},
{
"trust": 0.3,
"url": "https://www.codesys.com/"
},
{
"trust": 0.3,
"url": "https://customers.codesys.com/fileadmin/data/customers/security/codesys-security-whitepaper.pdf"
},
{
"trust": 0.3,
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-035-codesys-control-v3-access-control-inactive-by-default/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/311.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/732.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-10612"
},
{
"db": "BID",
"id": "106248"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014602"
},
{
"db": "NVD",
"id": "CVE-2018-10612"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-788"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2018-10612"
},
{
"db": "BID",
"id": "106248"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-014602"
},
{
"db": "NVD",
"id": "CVE-2018-10612"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-788"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-01-29T00:00:00",
"db": "VULMON",
"id": "CVE-2018-10612"
},
{
"date": "2018-12-18T00:00:00",
"db": "BID",
"id": "106248"
},
{
"date": "2019-03-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-014602"
},
{
"date": "2019-01-29T16:29:00.247000",
"db": "NVD",
"id": "CVE-2018-10612"
},
{
"date": "2018-12-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-788"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-09T00:00:00",
"db": "VULMON",
"id": "CVE-2018-10612"
},
{
"date": "2018-12-18T00:00:00",
"db": "BID",
"id": "106248"
},
{
"date": "2019-03-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-014602"
},
{
"date": "2019-10-09T23:32:55.087000",
"db": "NVD",
"id": "CVE-2018-10612"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-788"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-788"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3S-Smart Software Solutions GmbH CODESYS Control V3 Access control vulnerabilities in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-014602"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access control error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-788"
}
],
"trust": 0.6
}
}