Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    86 vulnerabilities found for development_system by codesys

    CVE-2026-44469 (GCVE-0-2026-44469)

    Vulnerability from nvd – Published: 2026-05-26 06:39 – Updated: 2026-05-26 10:48
    VLAI
    Title
    Incorrect Default Permissions in CODESYS Development System
    Summary
    The affected product extracts installation files to a temporary directory with incorrect default permissions during administrative installation. A low-privileged local attacker can exploit a TOCTOU race condition with a practical time window to replace verified files with malicious ones before installation, resulting in local privilege escalation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-276 - Incorrect Default Permissions
    Assigner
    References
    Impacted products
    Vendor Product Version
    CODESYS CODESYS Development System Affected: 3.0.0.0 , < 3.5.22.20 (semver)
    Create a notification for this product.
    Credits
    David Ruscheweyh from SEW-EURODRIVE GmbH & Co KG
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-44469",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-26T10:44:51.917941Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-26T10:48:51.345Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Development System",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "3.5.22.20",
                  "status": "affected",
                  "version": "3.0.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:codesys:codesys_development_system:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "3.5.22.20",
                      "versionStartIncluding": "3.0.0.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "David Ruscheweyh from SEW-EURODRIVE GmbH \u0026 Co KG"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The affected product extracts installation files to a temporary directory with incorrect default permissions during administrative installation. A low-privileged local attacker can exploit a TOCTOU race condition with a practical time window to replace verified files with malicious ones before installation, resulting in local privilege escalation."
                }
              ],
              "value": "The affected product extracts installation files to a temporary directory with incorrect default permissions during administrative installation. A low-privileged local attacker can exploit a TOCTOU race condition with a practical time window to replace verified files with malicious ones before installation, resulting in local privilege escalation."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-276",
                  "description": "CWE-276 Incorrect Default Permissions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-26T06:39:04.477Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://www.certvde.com/en/advisories/VDE-2026-055/"
            }
          ],
          "source": {
            "advisory": "VDE-2026-055",
            "defect": [
              "CERT@VDE#642071"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "Incorrect Default Permissions in CODESYS Development System",
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2026-44469",
        "datePublished": "2026-05-26T06:39:04.477Z",
        "dateReserved": "2026-05-06T17:08:03.356Z",
        "dateUpdated": "2026-05-26T10:48:51.345Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-44468 (GCVE-0-2026-44468)

    Vulnerability from nvd – Published: 2026-05-26 06:37 – Updated: 2026-05-26 10:49
    VLAI
    Title
    Incorrect Default Permissions in CODESYS Development System
    Summary
    The affected product creates a directory with insecure default permissions during administrative installation. This allows a low-privileged local attacker to modify a temporary file defining the components to be installed, enabling local privilege escalation by forcing the deployment of arbitrary components.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-276 - Incorrect Default Permissions
    Assigner
    References
    Impacted products
    Vendor Product Version
    CODESYS CODESYS Development System Affected: 3.0.0.0 , < 3.5.22.20 (semver)
    Create a notification for this product.
    Credits
    David Ruscheweyh from SEW-EURODRIVE GmbH & Co KG
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-44468",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-26T10:44:43.453556Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-26T10:49:05.531Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Development System",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "3.5.22.20",
                  "status": "affected",
                  "version": "3.0.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:codesys:codesys_development_system:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "3.5.22.20",
                      "versionStartIncluding": "3.0.0.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "David Ruscheweyh from SEW-EURODRIVE GmbH \u0026 Co KG"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The affected product creates a directory with insecure default permissions during administrative installation. This allows a low-privileged local attacker to modify a temporary file defining the components to be installed, enabling local privilege escalation by forcing the deployment of arbitrary components."
                }
              ],
              "value": "The affected product creates a directory with insecure default permissions during administrative installation. This allows a low-privileged local attacker to modify a temporary file defining the components to be installed, enabling local privilege escalation by forcing the deployment of arbitrary components."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-276",
                  "description": "CWE-276 Incorrect Default Permissions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-26T06:37:53.259Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://www.certvde.com/en/advisories/VDE-2026-055/"
            }
          ],
          "source": {
            "advisory": "VDE-2026-055",
            "defect": [
              "CERT@VDE#642071"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "Incorrect Default Permissions in CODESYS Development System",
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2026-44468",
        "datePublished": "2026-05-26T06:37:53.259Z",
        "dateReserved": "2026-05-06T17:08:03.356Z",
        "dateUpdated": "2026-05-26T10:49:05.531Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-3669 (GCVE-0-2023-3669)

    Vulnerability from nvd – Published: 2023-08-03 11:11 – Updated: 2025-02-27 21:11
    VLAI
    Title
    CODESYS: Missing Brute-Force protection in CODESYS Development System
    Summary
    A missing Brute-Force protection in CODESYS Development System prior to 3.5.19.20 allows a local attacker to have unlimited attempts of guessing the password within an import dialog.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-307 - Improper Restriction of Excessive Authentication Attempts
    Assigner
    References
    Impacted products
    Vendor Product Version
    CODESYS CODESYS Development System Affected: 3.0.0.0 , < 3.5.19.20 (semver)
    Create a notification for this product.
    Date Public
    2023-08-03 10:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:01:57.369Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2023-023"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-3669",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T21:51:08.351739Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-27T21:11:19.916Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Development System",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "3.5.19.20",
                  "status": "affected",
                  "version": "3.0.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "datePublic": "2023-08-03T10:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A missing Brute-Force protection in CODESYS Development System prior to 3.5.19.20 allows a local attacker to have unlimited attempts of guessing the password within an import dialog."
                }
              ],
              "value": "A missing Brute-Force protection in CODESYS Development System prior to 3.5.19.20 allows a local attacker to have unlimited attempts of guessing the password within an import dialog."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-307",
                  "description": "CWE-307 Improper Restriction of Excessive Authentication Attempts",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-03T11:11:05.068Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2023-023"
            }
          ],
          "source": {
            "advisory": "VDE-2023-023",
            "defect": [
              "CERT@VDE#64562"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "CODESYS: Missing Brute-Force protection in CODESYS Development System",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2023-3669",
        "datePublished": "2023-08-03T11:11:05.068Z",
        "dateReserved": "2023-07-14T07:42:23.825Z",
        "dateUpdated": "2025-02-27T21:11:19.916Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-37559 (GCVE-0-2023-37559)

    Vulnerability from nvd – Published: 2023-08-03 11:06 – Updated: 2024-10-11 18:09
    VLAI
    Title
    CODESYS Improper Validation of Consistency within Input in multiple products
    Summary
    After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37558
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    CODESYS CODESYS Control for BeagleBone SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for emPC-A/iMX6 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for IOT2000 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Linux SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC100 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC200 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PLCnext SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Raspberry Pi SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for WAGO Touch Panels 600 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (for Beckhoff CX) SL Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Runtime System Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Win (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Development System V3 Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS HMI (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Safety SIL2 Runtime Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    Date Public
    2023-08-03 10:30
    Credits
    Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:16:30.700Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2023-019/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-37559",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-11T18:07:28.102576Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-11T18:09:05.823Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for BeagleBone SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for emPC-A/iMX6 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for IOT2000 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Linux SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC100 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC200 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PLCnext SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Raspberry Pi SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for WAGO Touch Panels 600 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (for Beckhoff CX) SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Runtime System Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Win (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Development System V3",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS HMI (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Safety SIL2 Runtime Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft"
            }
          ],
          "datePublic": "2023-08-03T10:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37558"
                }
              ],
              "value": "After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37558"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-03T11:06:56.079Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2023-019/"
            }
          ],
          "source": {
            "advisory": "VDE-2023-019",
            "defect": [
              "CERT@VDE#64558"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "CODESYS Improper Validation of Consistency within Input in multiple products",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2023-37559",
        "datePublished": "2023-08-03T11:06:56.079Z",
        "dateReserved": "2023-07-07T07:39:19.122Z",
        "dateUpdated": "2024-10-11T18:09:05.823Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-37558 (GCVE-0-2023-37558)

    Vulnerability from nvd – Published: 2023-08-03 11:06 – Updated: 2024-10-11 18:09
    VLAI
    Title
    CODESYS Improper Validation of Consistency within Input in multiple products
    Summary
    After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37559
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    CODESYS CODESYS Control for BeagleBone SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for emPC-A/iMX6 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for IOT2000 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Linux SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC100 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC200 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PLCnext SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Raspberry Pi SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for WAGO Touch Panels 600 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (for Beckhoff CX) SL Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Runtime System Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Win (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Development System V3 Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS HMI (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Safety SIL2 Runtime Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    Date Public
    2023-08-03 10:30
    Credits
    Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:16:30.767Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2023-019/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-37558",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-11T18:07:13.616622Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-11T18:09:20.780Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for BeagleBone SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for emPC-A/iMX6 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for IOT2000 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Linux SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC100 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC200 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PLCnext SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Raspberry Pi SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for WAGO Touch Panels 600 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (for Beckhoff CX) SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Runtime System Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Win (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Development System V3",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS HMI (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Safety SIL2 Runtime Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft"
            }
          ],
          "datePublic": "2023-08-03T10:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37559"
                }
              ],
              "value": "After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37559"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-03T11:06:36.112Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2023-019/"
            }
          ],
          "source": {
            "advisory": "VDE-2023-019",
            "defect": [
              "CERT@VDE#64558"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "CODESYS Improper Validation of Consistency within Input in multiple products",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2023-37558",
        "datePublished": "2023-08-03T11:06:36.112Z",
        "dateReserved": "2023-07-07T07:39:19.121Z",
        "dateUpdated": "2024-10-11T18:09:20.780Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-37557 (GCVE-0-2023-37557)

    Vulnerability from nvd – Published: 2023-08-03 11:06 – Updated: 2024-10-09 20:52
    VLAI
    Title
    CODESYS Heap-based Buffer Overflow in multiple products
    Summary
    After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted remote communication requests can cause the CmpAppBP component to overwrite a heap-based buffer, which can lead to a denial-of-service condition.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    CODESYS CODESYS Control for BeagleBone SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for emPC-A/iMX6 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for IOT2000 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Linux SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC100 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC200 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PLCnext SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Raspberry Pi SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for WAGO Touch Panels 600 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (for Beckhoff CX) SL Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Runtime System Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Win (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Development System V3 Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS HMI (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Safety SIL2 Runtime Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    Date Public
    2023-08-03 10:30
    Credits
    Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:16:30.379Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2023-019/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-37557",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-09T20:48:56.664856Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-09T20:52:16.817Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for BeagleBone SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for emPC-A/iMX6 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for IOT2000 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Linux SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC100 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC200 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PLCnext SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Raspberry Pi SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for WAGO Touch Panels 600 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (for Beckhoff CX) SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Runtime System Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Win (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Development System V3",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS HMI (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Safety SIL2 Runtime Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft"
            }
          ],
          "datePublic": "2023-08-03T10:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted remote communication requests can cause the CmpAppBP component to overwrite a heap-based buffer, which can lead to a denial-of-service condition."
                }
              ],
              "value": "After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted remote communication requests can cause the CmpAppBP component to overwrite a heap-based buffer, which can lead to a denial-of-service condition."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787 Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-03T11:06:17.884Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2023-019/"
            }
          ],
          "source": {
            "advisory": "VDE-2023-019",
            "defect": [
              "CERT@VDE#64558"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "CODESYS Heap-based Buffer Overflow in multiple products",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2023-37557",
        "datePublished": "2023-08-03T11:06:17.884Z",
        "dateReserved": "2023-07-07T07:39:19.121Z",
        "dateUpdated": "2024-10-09T20:52:16.817Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-37556 (GCVE-0-2023-37556)

    Vulnerability from nvd – Published: 2023-08-03 11:05 – Updated: 2024-10-09 20:52
    VLAI
    Title
    CODESYS Improper Input Validation in CmpAppBP
    Summary
    In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37554 and CVE-2023-37555.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    CODESYS CODESYS Control for BeagleBone SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for emPC-A/iMX6 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for IOT2000 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Linux SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC100 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC200 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PLCnext SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Raspberry Pi SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for WAGO Touch Panels 600 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (for Beckhoff CX) SL Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Runtime System Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Win (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Development System V3 Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS HMI (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Safety SIL2 Runtime Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    Date Public
    2023-08-03 10:30
    Credits
    Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:16:30.852Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2023-019/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-37556",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-09T20:49:03.697246Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-09T20:52:36.722Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for BeagleBone SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for emPC-A/iMX6 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for IOT2000 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Linux SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC100 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC200 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PLCnext SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Raspberry Pi SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for WAGO Touch Panels 600 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (for Beckhoff CX) SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Runtime System Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Win (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Development System V3",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS HMI (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Safety SIL2 Runtime Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft"
            }
          ],
          "datePublic": "2023-08-03T10:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to\u0026nbsp;CVE-2023-37552,\u0026nbsp;CVE-2023-37553,\u0026nbsp;CVE-2023-37554 and CVE-2023-37555.\u003cbr\u003e\u003cbr\u003e"
                }
              ],
              "value": "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to\u00a0CVE-2023-37552,\u00a0CVE-2023-37553,\u00a0CVE-2023-37554 and CVE-2023-37555.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-03T11:05:52.986Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2023-019/"
            }
          ],
          "source": {
            "advisory": "VDE-2023-019",
            "defect": [
              "CERT@VDE#64558"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "CODESYS Improper Input Validation in CmpAppBP",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2023-37556",
        "datePublished": "2023-08-03T11:05:52.986Z",
        "dateReserved": "2023-07-07T07:39:19.120Z",
        "dateUpdated": "2024-10-09T20:52:36.722Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-37555 (GCVE-0-2023-37555)

    Vulnerability from nvd – Published: 2023-08-03 11:05 – Updated: 2024-10-09 20:52
    VLAI
    Title
    CODESYS Improper Input Validation in CmpAppBP
    Summary
    In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37554 and CVE-2023-37556.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    CODESYS CODESYS Control for BeagleBone SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for emPC-A/iMX6 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for IOT2000 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Linux SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC100 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC200 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PLCnext SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Raspberry Pi SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for WAGO Touch Panels 600 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (for Beckhoff CX) SL Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Runtime System Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Win (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Development System V3 Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS HMI (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Safety SIL2 Runtime Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    Credits
    Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:16:30.445Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2023-019/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-37555",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-09T20:49:10.954455Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-09T20:52:51.974Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for BeagleBone SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for emPC-A/iMX6 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for IOT2000 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Linux SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC100 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC200 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PLCnext SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Raspberry Pi SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for WAGO Touch Panels 600 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (for Beckhoff CX) SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Runtime System Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Win (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Development System V3",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS HMI (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Safety SIL2 Runtime Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to\u0026nbsp;CVE-2023-37552,\u0026nbsp;CVE-2023-37553,\u0026nbsp;CVE-2023-37554 and\u0026nbsp;CVE-2023-37556.\u003cbr\u003e\u003cbr\u003e"
                }
              ],
              "value": "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to\u00a0CVE-2023-37552,\u00a0CVE-2023-37553,\u00a0CVE-2023-37554 and\u00a0CVE-2023-37556.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-03T11:05:33.660Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2023-019/"
            }
          ],
          "source": {
            "advisory": "VDE-2023-019",
            "defect": [
              "CERT@VDE#64558"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "CODESYS Improper Input Validation in CmpAppBP",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2023-37555",
        "datePublished": "2023-08-03T11:05:33.660Z",
        "dateReserved": "2023-07-07T07:39:19.120Z",
        "dateUpdated": "2024-10-09T20:52:51.974Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-37554 (GCVE-0-2023-37554)

    Vulnerability from nvd – Published: 2023-08-03 11:05 – Updated: 2024-10-11 18:09
    VLAI
    Title
    CODESYS Improper Input Validation in CmpAppBP
    Summary
    In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37555 and CVE-2023-37556.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    CODESYS CODESYS Control for BeagleBone SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for emPC-A/iMX6 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for IOT2000 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Linux SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC100 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC200 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PLCnext SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Raspberry Pi SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for WAGO Touch Panels 600 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (for Beckhoff CX) SL Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Runtime System Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Win (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Development System V3 Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS HMI (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Safety SIL2 Runtime Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    Date Public
    2023-08-03 10:30
    Credits
    Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:16:30.422Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2023-019/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-37554",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-11T18:05:06.756495Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-11T18:09:34.979Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for BeagleBone SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for emPC-A/iMX6 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for IOT2000 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Linux SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC100 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC200 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PLCnext SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Raspberry Pi SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for WAGO Touch Panels 600 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (for Beckhoff CX) SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Runtime System Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Win (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Development System V3",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS HMI (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Safety SIL2 Runtime Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft"
            }
          ],
          "datePublic": "2023-08-03T10:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to\u0026nbsp;CVE-2023-37552,\u0026nbsp;CVE-2023-37553, CVE-2023-37555 and\u0026nbsp;CVE-2023-37556.\u003cbr\u003e\u003cbr\u003e"
                }
              ],
              "value": "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to\u00a0CVE-2023-37552,\u00a0CVE-2023-37553, CVE-2023-37555 and\u00a0CVE-2023-37556.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-03T11:05:09.750Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2023-019/"
            }
          ],
          "source": {
            "advisory": "VDE-2023-019",
            "defect": [
              "CERT@VDE#64558"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "CODESYS Improper Input Validation in CmpAppBP",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2023-37554",
        "datePublished": "2023-08-03T11:05:09.750Z",
        "dateReserved": "2023-07-07T07:39:16.323Z",
        "dateUpdated": "2024-10-11T18:09:34.979Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-37553 (GCVE-0-2023-37553)

    Vulnerability from nvd – Published: 2023-08-03 11:04 – Updated: 2024-10-11 18:10
    VLAI
    Title
    CODESYS Improper Input Validation in CmpAppBP
    Summary
    In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37554, CVE-2023-37555 and CVE-2023-37556.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    CODESYS CODESYS Control for BeagleBone SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for emPC-A/iMX6 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for IOT2000 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Linux SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC100 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC200 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PLCnext SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Raspberry Pi SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for WAGO Touch Panels 600 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (for Beckhoff CX) SL Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Runtime System Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Win (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Development System V3 Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS HMI (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Safety SIL2 Runtime Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    Date Public
    2023-08-03 10:30
    Credits
    Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:16:30.602Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2023-019/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-37553",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-11T18:05:01.815292Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-11T18:10:16.403Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for BeagleBone SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for emPC-A/iMX6 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for IOT2000 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Linux SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC100 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC200 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PLCnext SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Raspberry Pi SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for WAGO Touch Panels 600 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (for Beckhoff CX) SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Runtime System Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Win (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Development System V3",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS HMI (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Safety SIL2 Runtime Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft"
            }
          ],
          "datePublic": "2023-08-03T10:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to\u0026nbsp;CVE-2023-37552,\u0026nbsp;CVE-2023-37554,\u0026nbsp;CVE-2023-37555 and\u0026nbsp;CVE-2023-37556.\u003cbr\u003e\u003cbr\u003e"
                }
              ],
              "value": "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to\u00a0CVE-2023-37552,\u00a0CVE-2023-37554,\u00a0CVE-2023-37555 and\u00a0CVE-2023-37556.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-03T11:04:39.061Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2023-019/"
            }
          ],
          "source": {
            "advisory": "VDE-2023-019",
            "defect": [
              "CERT@VDE#64558"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "CODESYS Improper Input Validation in CmpAppBP",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2023-37553",
        "datePublished": "2023-08-03T11:04:39.061Z",
        "dateReserved": "2023-07-07T07:39:16.323Z",
        "dateUpdated": "2024-10-11T18:10:16.403Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-37552 (GCVE-0-2023-37552)

    Vulnerability from nvd – Published: 2023-08-03 11:04 – Updated: 2024-10-11 18:10
    VLAI
    Title
    CODESYS Improper Input Validation in CmpAppBP
    Summary
    In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37553, CVE-2023-37554, CVE-2023-37555 and CVE-2023-37556.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    CODESYS CODESYS Control for BeagleBone SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for emPC-A/iMX6 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for IOT2000 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Linux SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC100 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC200 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PLCnext SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Raspberry Pi SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for WAGO Touch Panels 600 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (for Beckhoff CX) SL Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Runtime System Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Win (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Development System V3 Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS HMI (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Safety SIL2 Runtime Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    Date Public
    2023-08-03 10:30
    Credits
    Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:16:30.508Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2023-019/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-37552",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-11T18:04:09.376275Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-11T18:10:33.714Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for BeagleBone SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for emPC-A/iMX6 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for IOT2000 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Linux SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC100 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC200 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PLCnext SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Raspberry Pi SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for WAGO Touch Panels 600 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (for Beckhoff CX) SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Runtime System Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Win (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Development System V3",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS HMI (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Safety SIL2 Runtime Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft"
            }
          ],
          "datePublic": "2023-08-03T10:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37553,\u0026nbsp;CVE-2023-37554,\u0026nbsp;CVE-2023-37555 and\u0026nbsp;CVE-2023-37556.\u003cbr\u003e\u003cbr\u003e"
                }
              ],
              "value": "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37553,\u00a0CVE-2023-37554,\u00a0CVE-2023-37555 and\u00a0CVE-2023-37556.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-03T11:04:04.128Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2023-019/"
            }
          ],
          "source": {
            "advisory": "VDE-2023-019",
            "defect": [
              "CERT@VDE#64558"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "CODESYS Improper Input Validation in CmpAppBP",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2023-37552",
        "datePublished": "2023-08-03T11:04:04.128Z",
        "dateReserved": "2023-07-07T07:39:16.323Z",
        "dateUpdated": "2024-10-11T18:10:33.714Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-37551 (GCVE-0-2023-37551)

    Vulnerability from nvd – Published: 2023-08-03 11:03 – Updated: 2024-10-11 18:10
    VLAI
    Title
    CODESYS Files or Directories Accessible to External Parties in CmpApp
    Summary
    In multiple Codesys products in multiple versions, after successful authentication as a user, specially crafted network communication requests can utilize the CmpApp component to download files with any file extensions to the controller. In contrast to the regular file download via CmpFileTransfer, no filtering of certain file types is performed here. As a result, the integrity of the CODESYS control runtime system may be compromised by the files loaded onto the controller.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-552 - Files or Directories Accessible to External Parties
    Assigner
    References
    Impacted products
    Vendor Product Version
    CODESYS CODESYS Control for BeagleBone SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for emPC-A/iMX6 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for IOT2000 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Linux SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC100 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC200 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PLCnext SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Raspberry Pi SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for WAGO Touch Panels 600 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (for Beckhoff CX) SL Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Runtime System Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Win (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Development System V3 Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS HMI (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Safety SIL2 Runtime Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    Date Public
    2023-08-03 10:30
    Credits
    Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:16:30.609Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2023-019/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-37551",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-11T18:01:50.770279Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-11T18:10:51.431Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for BeagleBone SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for emPC-A/iMX6 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for IOT2000 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Linux SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC100 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC200 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PLCnext SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Raspberry Pi SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for WAGO Touch Panels 600 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (for Beckhoff CX) SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Runtime System Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Win (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Development System V3",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS HMI (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Safety SIL2 Runtime Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft"
            }
          ],
          "datePublic": "2023-08-03T10:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "In multiple Codesys products in multiple versions, after successful authentication as a user, specially crafted network communication requests can utilize the CmpApp component to download files with any file extensions to the controller. In contrast to the regular file download via CmpFileTransfer, no filtering of certain file types is performed here. As a result, the integrity of the CODESYS control runtime system may be compromised by the files loaded onto the controller."
                }
              ],
              "value": "In multiple Codesys products in multiple versions, after successful authentication as a user, specially crafted network communication requests can utilize the CmpApp component to download files with any file extensions to the controller. In contrast to the regular file download via CmpFileTransfer, no filtering of certain file types is performed here. As a result, the integrity of the CODESYS control runtime system may be compromised by the files loaded onto the controller."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-552",
                  "description": "CWE-552 Files or Directories Accessible to External Parties",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-03T11:03:37.457Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2023-019/"
            }
          ],
          "source": {
            "advisory": "VDE-2023-019",
            "defect": [
              "CERT@VDE#64558"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "CODESYS Files or Directories Accessible to External Parties in CmpApp",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2023-37551",
        "datePublished": "2023-08-03T11:03:37.457Z",
        "dateReserved": "2023-07-07T07:39:16.323Z",
        "dateUpdated": "2024-10-11T18:10:51.431Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-37550 (GCVE-0-2023-37550)

    Vulnerability from nvd – Published: 2023-08-03 11:03 – Updated: 2024-10-11 18:11
    VLAI
    Title
    CODESYS: Improper Input Validation in CmpApp component
    Summary
    In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37548 and CVE-2023-37549.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    CODESYS CODESYS Control for BeagleBone SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for emPC-A/iMX6 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for IOT2000 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Linux SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC100 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC200 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PLCnext SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Raspberry Pi SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for WAGO Touch Panels 600 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (for Beckhoff CX) SL Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Runtime System Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Win (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Development System V3 Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS HMI (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Safety SIL2 Runtime Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    Date Public
    2023-08-03 10:30
    Credits
    Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:16:30.425Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2023-019"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-37550",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-11T18:01:46.088420Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-11T18:11:18.756Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for BeagleBone SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for emPC-A/iMX6 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for IOT2000 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Linux SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC100 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC200 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PLCnext SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Raspberry Pi SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for WAGO Touch Panels 600 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (for Beckhoff CX) SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Runtime System Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Win (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Development System V3",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS HMI (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Safety SIL2 Runtime Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft"
            }
          ],
          "datePublic": "2023-08-03T10:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546,\u0026nbsp;CVE-2023-37547, CVE-2023-37548 and CVE-2023-37549.\u003cbr\u003e\u003cbr\u003e"
                }
              ],
              "value": "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546,\u00a0CVE-2023-37547, CVE-2023-37548 and CVE-2023-37549.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-03T11:03:09.222Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2023-019"
            }
          ],
          "source": {
            "advisory": "VDE-2023-019",
            "defect": [
              "CERT@VDE#64558"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "CODESYS: Improper Input Validation in CmpApp component",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2023-37550",
        "datePublished": "2023-08-03T11:03:09.222Z",
        "dateReserved": "2023-07-07T07:39:16.322Z",
        "dateUpdated": "2024-10-11T18:11:18.756Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-37549 (GCVE-0-2023-37549)

    Vulnerability from nvd – Published: 2023-08-03 11:02 – Updated: 2024-10-11 18:12
    VLAI
    Title
    CODESYS: Improper Input Validation in CmpApp component
    Summary
    In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37548 and CVE-2023-37550
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    CODESYS CODESYS Control for BeagleBone SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for emPC-A/iMX6 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for IOT2000 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Linux SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC100 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC200 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PLCnext SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Raspberry Pi SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for WAGO Touch Panels 600 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (for Beckhoff CX) SL Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Runtime System Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Win (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Development System V3 Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS HMI (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Safety SIL2 Runtime Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    Date Public
    2023-08-03 10:30
    Credits
    Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:16:30.241Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2023-019"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-37549",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-11T18:01:40.613696Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-11T18:12:01.720Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for BeagleBone SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for emPC-A/iMX6 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for IOT2000 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Linux SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC100 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC200 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PLCnext SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Raspberry Pi SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for WAGO Touch Panels 600 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (for Beckhoff CX) SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Runtime System Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Win (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Development System V3",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS HMI (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Safety SIL2 Runtime Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft"
            }
          ],
          "datePublic": "2023-08-03T10:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546,\u0026nbsp;CVE-2023-37547, CVE-2023-37548 and CVE-2023-37550\u003cbr\u003e\u003cbr\u003e"
                }
              ],
              "value": "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546,\u00a0CVE-2023-37547, CVE-2023-37548 and CVE-2023-37550\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-03T11:02:33.725Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2023-019"
            }
          ],
          "source": {
            "advisory": "VDE-2023-019",
            "defect": [
              "CERT@VDE#64558"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "CODESYS: Improper Input Validation in CmpApp component",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2023-37549",
        "datePublished": "2023-08-03T11:02:33.725Z",
        "dateReserved": "2023-07-07T07:39:16.322Z",
        "dateUpdated": "2024-10-11T18:12:01.720Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-37548 (GCVE-0-2023-37548)

    Vulnerability from nvd – Published: 2023-08-03 11:02 – Updated: 2024-10-11 18:12
    VLAI
    Title
    CODESYS: Improper Input Validation in CmpApp component
    Summary
    In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37549 and CVE-2023-37550
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    CODESYS CODESYS Control for BeagleBone SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for emPC-A/iMX6 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for IOT2000 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Linux SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC100 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC200 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PLCnext SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Raspberry Pi SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for WAGO Touch Panels 600 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (for Beckhoff CX) SL Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Runtime System Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Win (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Development System V3 Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS HMI (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Safety SIL2 Runtime Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    Date Public
    2023-08-03 10:30
    Credits
    Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:16:30.432Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2023-019"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-37548",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-11T17:59:49.760916Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-11T18:12:26.294Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for BeagleBone SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for emPC-A/iMX6 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for IOT2000 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Linux SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC100 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC200 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PLCnext SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Raspberry Pi SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for WAGO Touch Panels 600 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (for Beckhoff CX) SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Runtime System Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Win (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Development System V3",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS HMI (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Safety SIL2 Runtime Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft"
            }
          ],
          "datePublic": "2023-08-03T10:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546,\u0026nbsp;CVE-2023-37547, CVE-2023-37549 and CVE-2023-37550\u003cbr\u003e\u003cbr\u003e"
                }
              ],
              "value": "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546,\u00a0CVE-2023-37547, CVE-2023-37549 and CVE-2023-37550\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-03T11:02:02.224Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2023-019"
            }
          ],
          "source": {
            "advisory": "VDE-2023-019",
            "defect": [
              "CERT@VDE#64558"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "CODESYS: Improper Input Validation in CmpApp component",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2023-37548",
        "datePublished": "2023-08-03T11:02:02.224Z",
        "dateReserved": "2023-07-07T07:39:16.322Z",
        "dateUpdated": "2024-10-11T18:12:26.294Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-37547 (GCVE-0-2023-37547)

    Vulnerability from nvd – Published: 2023-08-03 11:01 – Updated: 2024-10-11 18:12
    VLAI
    Title
    CODESYS: Improper Input Validation in CmpApp component
    Summary
    In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    CODESYS CODESYS Control for BeagleBone SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for emPC-A/iMX6 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for IOT2000 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Linux SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC100 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC200 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PLCnext SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Raspberry Pi SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for WAGO Touch Panels 600 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (for Beckhoff CX) SL Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Runtime System Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Win (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Development System V3 Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS HMI (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Safety SIL2 Runtime Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    Credits
    Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:16:30.418Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2023-019"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-37547",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-11T17:59:39.095120Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-11T18:12:55.550Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for BeagleBone SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for emPC-A/iMX6 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for IOT2000 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Linux SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC100 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC200 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PLCnext SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Raspberry Pi SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for WAGO Touch Panels 600 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (for Beckhoff CX) SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Runtime System Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Win (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Development System V3",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS HMI (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Safety SIL2 Runtime Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550\u003cbr\u003e\u003cbr\u003e"
                }
              ],
              "value": "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-03T11:01:10.534Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2023-019"
            }
          ],
          "source": {
            "advisory": "VDE-2023-019",
            "defect": [
              "CERT@VDE#64558"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "CODESYS: Improper Input Validation in CmpApp component",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2023-37547",
        "datePublished": "2023-08-03T11:01:10.534Z",
        "dateReserved": "2023-07-07T07:39:16.322Z",
        "dateUpdated": "2024-10-11T18:12:55.550Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-37546 (GCVE-0-2023-37546)

    Vulnerability from nvd – Published: 2023-08-03 11:00 – Updated: 2024-10-11 18:14
    VLAI
    Title
    CODESYS: Improper Input Validation in CmpApp component
    Summary
    In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37547, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    CODESYS CODESYS Control for BeagleBone SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for emPC-A/iMX6 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for IOT2000 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Linux SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC100 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC200 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PLCnext SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Raspberry Pi SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for WAGO Touch Panels 600 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (for Beckhoff CX) SL Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Runtime System Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Win (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Development System V3 Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS HMI (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Safety SIL2 Runtime Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    Date Public
    2023-08-03 10:30
    Credits
    Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:16:30.484Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2023-019"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-37546",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-11T17:59:33.810402Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-11T18:14:28.818Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for BeagleBone SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for emPC-A/iMX6 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for IOT2000 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Linux SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC100 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC200 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PLCnext SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Raspberry Pi SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for WAGO Touch Panels 600 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (for Beckhoff CX) SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Runtime System Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Win (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Development System V3",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS HMI (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Safety SIL2 Runtime Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft"
            }
          ],
          "datePublic": "2023-08-03T10:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37547, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550\u003cbr\u003e\u003cbr\u003e"
                }
              ],
              "value": "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37547, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-03T11:00:33.624Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2023-019"
            }
          ],
          "source": {
            "advisory": "VDE-2023-019",
            "defect": [
              "CERT@VDE#64558"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "CODESYS: Improper Input Validation in CmpApp component",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2023-37546",
        "datePublished": "2023-08-03T11:00:33.624Z",
        "dateReserved": "2023-07-07T07:39:16.322Z",
        "dateUpdated": "2024-10-11T18:14:28.818Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-3663 (GCVE-0-2023-3663)

    Vulnerability from nvd – Published: 2023-08-03 10:55 – Updated: 2025-02-27 21:11
    VLAI
    Title
    CODESYS: Missing integrity check in CODESYS Development System
    Summary
    In CODESYS Development System versions from 3.5.11.20 and before 3.5.19.20 a missing integrity check might allow an unauthenticated remote attacker to manipulate the content of notifications received via HTTP by the CODESYS notification server.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-940 - Improper Verification of Source of a Communication Channel
    Assigner
    References
    Impacted products
    Vendor Product Version
    CODESYS CODESYS Development System Affected: 3.5.11.20 , < 3.5.19.20 (semver)
    Create a notification for this product.
    Date Public
    2023-08-03 10:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:01:57.323Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2023-022/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-3663",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T21:54:28.867674Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-27T21:11:34.700Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Development System",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "3.5.19.20",
                  "status": "affected",
                  "version": "3.5.11.20",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "datePublic": "2023-08-03T10:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "In CODESYS Development System versions from 3.5.11.20 and before 3.5.19.20 a missing integrity check might allow an unauthenticated remote attacker to manipulate the content of notifications received via HTTP by the CODESYS notification server."
                }
              ],
              "value": "In CODESYS Development System versions from 3.5.11.20 and before 3.5.19.20 a missing integrity check might allow an unauthenticated remote attacker to manipulate the content of notifications received via HTTP by the CODESYS notification server."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-940",
                  "description": "CWE-940 Improper Verification of Source of a Communication Channel",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-10-02T05:35:40.245Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2023-022/"
            }
          ],
          "source": {
            "advisory": "VDE-2023-022",
            "defect": [
              "CERT@VDE#64561"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "CODESYS: Missing integrity check in CODESYS Development System",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2023-3663",
        "datePublished": "2023-08-03T10:55:08.945Z",
        "dateReserved": "2023-07-13T13:04:46.976Z",
        "dateUpdated": "2025-02-27T21:11:34.700Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-3662 (GCVE-0-2023-3662)

    Vulnerability from nvd – Published: 2023-08-03 10:55 – Updated: 2025-02-27 21:11
    VLAI
    Title
    CODESYS: Vulnerability in CODESYS Development System allows for execution of binaries
    Summary
    In CODESYS Development System versions from 3.5.17.0 and prior to 3.5.19.20 a vulnerability allows for execution of binaries from the current working directory in the users context .
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-427 - Uncontrolled Search Path Element
    Assigner
    References
    Impacted products
    Vendor Product Version
    CODESYS CODESYS Development System Affected: 3.5.17.0 , < 3.5.19.20 (semver)
    Create a notification for this product.
    Date Public
    2023-08-03 10:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:01:57.375Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2023-021/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-3662",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T21:54:27.291596Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-27T21:11:28.683Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Development System",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "3.5.19.20",
                  "status": "affected",
                  "version": "3.5.17.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "datePublic": "2023-08-03T10:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "In CODESYS Development System versions from 3.5.17.0 and prior to 3.5.19.20 a vulnerability allows for execution of binaries from the current working directory in the users context ."
                }
              ],
              "value": "In CODESYS Development System versions from 3.5.17.0 and prior to 3.5.19.20 a vulnerability allows for execution of binaries from the current working directory in the users context ."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-427",
                  "description": "CWE-427 Uncontrolled Search Path Element",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-03T10:55:43.844Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2023-021/"
            }
          ],
          "source": {
            "advisory": "VDE-2023-021",
            "defect": [
              "CERT@VDE#64560"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "CODESYS: Vulnerability in CODESYS Development System allows for execution of binaries",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2023-3662",
        "datePublished": "2023-08-03T10:55:43.844Z",
        "dateReserved": "2023-07-13T12:54:10.262Z",
        "dateUpdated": "2025-02-27T21:11:28.683Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-37545 (GCVE-0-2023-37545)

    Vulnerability from nvd – Published: 2023-08-03 10:59 – Updated: 2024-10-11 18:14
    VLAI
    Title
    CODESYS: Improper Input Validation in CmpApp component
    Summary
    In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37546, CVE-2023-37547, CVE-2023-37548, CVE-2023-37549, CVE-2023-37550
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    CODESYS CODESYS Control for BeagleBone SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for emPC-A/iMX6 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for IOT2000 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Linux SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC100 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC200 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PLCnext SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Raspberry Pi SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for WAGO Touch Panels 600 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (for Beckhoff CX) SL Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Runtime System Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Win (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Development System V3 Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS HMI (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Safety SIL2 Runtime Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    Date Public
    2023-08-03 10:30
    Credits
    Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:16:30.338Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2023-019"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-37545",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-11T17:59:27.383050Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-11T18:14:47.934Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for BeagleBone SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for emPC-A/iMX6 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for IOT2000 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Linux SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC100 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC200 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PLCnext SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Raspberry Pi SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for WAGO Touch Panels 600 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (for Beckhoff CX) SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Runtime System Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Win (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Development System V3",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS HMI (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Safety SIL2 Runtime Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft"
            }
          ],
          "datePublic": "2023-08-03T10:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37546,\u0026nbsp;CVE-2023-37547, CVE-2023-37548, CVE-2023-37549, CVE-2023-37550\u003cbr\u003e\u003cbr\u003e"
                }
              ],
              "value": "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37546,\u00a0CVE-2023-37547, CVE-2023-37548, CVE-2023-37549, CVE-2023-37550\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-03T10:59:28.961Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2023-019"
            }
          ],
          "source": {
            "advisory": "VDE-2023-019",
            "defect": [
              "CERT@VDE#64558"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "CODESYS: Improper Input Validation in CmpApp component",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2023-37545",
        "datePublished": "2023-08-03T10:59:28.961Z",
        "dateReserved": "2023-07-07T07:39:16.322Z",
        "dateUpdated": "2024-10-11T18:14:47.934Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2026-44469 (GCVE-0-2026-44469)

    Vulnerability from cvelistv5 – Published: 2026-05-26 06:39 – Updated: 2026-05-26 10:48
    VLAI
    Title
    Incorrect Default Permissions in CODESYS Development System
    Summary
    The affected product extracts installation files to a temporary directory with incorrect default permissions during administrative installation. A low-privileged local attacker can exploit a TOCTOU race condition with a practical time window to replace verified files with malicious ones before installation, resulting in local privilege escalation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-276 - Incorrect Default Permissions
    Assigner
    References
    Impacted products
    Vendor Product Version
    CODESYS CODESYS Development System Affected: 3.0.0.0 , < 3.5.22.20 (semver)
    Create a notification for this product.
    Credits
    David Ruscheweyh from SEW-EURODRIVE GmbH & Co KG
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-44469",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-26T10:44:51.917941Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-26T10:48:51.345Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Development System",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "3.5.22.20",
                  "status": "affected",
                  "version": "3.0.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:codesys:codesys_development_system:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "3.5.22.20",
                      "versionStartIncluding": "3.0.0.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "David Ruscheweyh from SEW-EURODRIVE GmbH \u0026 Co KG"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The affected product extracts installation files to a temporary directory with incorrect default permissions during administrative installation. A low-privileged local attacker can exploit a TOCTOU race condition with a practical time window to replace verified files with malicious ones before installation, resulting in local privilege escalation."
                }
              ],
              "value": "The affected product extracts installation files to a temporary directory with incorrect default permissions during administrative installation. A low-privileged local attacker can exploit a TOCTOU race condition with a practical time window to replace verified files with malicious ones before installation, resulting in local privilege escalation."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-276",
                  "description": "CWE-276 Incorrect Default Permissions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-26T06:39:04.477Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://www.certvde.com/en/advisories/VDE-2026-055/"
            }
          ],
          "source": {
            "advisory": "VDE-2026-055",
            "defect": [
              "CERT@VDE#642071"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "Incorrect Default Permissions in CODESYS Development System",
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2026-44469",
        "datePublished": "2026-05-26T06:39:04.477Z",
        "dateReserved": "2026-05-06T17:08:03.356Z",
        "dateUpdated": "2026-05-26T10:48:51.345Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-44468 (GCVE-0-2026-44468)

    Vulnerability from cvelistv5 – Published: 2026-05-26 06:37 – Updated: 2026-05-26 10:49
    VLAI
    Title
    Incorrect Default Permissions in CODESYS Development System
    Summary
    The affected product creates a directory with insecure default permissions during administrative installation. This allows a low-privileged local attacker to modify a temporary file defining the components to be installed, enabling local privilege escalation by forcing the deployment of arbitrary components.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-276 - Incorrect Default Permissions
    Assigner
    References
    Impacted products
    Vendor Product Version
    CODESYS CODESYS Development System Affected: 3.0.0.0 , < 3.5.22.20 (semver)
    Create a notification for this product.
    Credits
    David Ruscheweyh from SEW-EURODRIVE GmbH & Co KG
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-44468",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-26T10:44:43.453556Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-26T10:49:05.531Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Development System",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "3.5.22.20",
                  "status": "affected",
                  "version": "3.0.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:codesys:codesys_development_system:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "3.5.22.20",
                      "versionStartIncluding": "3.0.0.0",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "David Ruscheweyh from SEW-EURODRIVE GmbH \u0026 Co KG"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "The affected product creates a directory with insecure default permissions during administrative installation. This allows a low-privileged local attacker to modify a temporary file defining the components to be installed, enabling local privilege escalation by forcing the deployment of arbitrary components."
                }
              ],
              "value": "The affected product creates a directory with insecure default permissions during administrative installation. This allows a low-privileged local attacker to modify a temporary file defining the components to be installed, enabling local privilege escalation by forcing the deployment of arbitrary components."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-276",
                  "description": "CWE-276 Incorrect Default Permissions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-26T06:37:53.259Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://www.certvde.com/en/advisories/VDE-2026-055/"
            }
          ],
          "source": {
            "advisory": "VDE-2026-055",
            "defect": [
              "CERT@VDE#642071"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "Incorrect Default Permissions in CODESYS Development System",
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2026-44468",
        "datePublished": "2026-05-26T06:37:53.259Z",
        "dateReserved": "2026-05-06T17:08:03.356Z",
        "dateUpdated": "2026-05-26T10:49:05.531Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-3669 (GCVE-0-2023-3669)

    Vulnerability from cvelistv5 – Published: 2023-08-03 11:11 – Updated: 2025-02-27 21:11
    VLAI
    Title
    CODESYS: Missing Brute-Force protection in CODESYS Development System
    Summary
    A missing Brute-Force protection in CODESYS Development System prior to 3.5.19.20 allows a local attacker to have unlimited attempts of guessing the password within an import dialog.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-307 - Improper Restriction of Excessive Authentication Attempts
    Assigner
    References
    Impacted products
    Vendor Product Version
    CODESYS CODESYS Development System Affected: 3.0.0.0 , < 3.5.19.20 (semver)
    Create a notification for this product.
    Date Public
    2023-08-03 10:30
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T07:01:57.369Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2023-023"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-3669",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T21:51:08.351739Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-27T21:11:19.916Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Development System",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "3.5.19.20",
                  "status": "affected",
                  "version": "3.0.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "datePublic": "2023-08-03T10:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A missing Brute-Force protection in CODESYS Development System prior to 3.5.19.20 allows a local attacker to have unlimited attempts of guessing the password within an import dialog."
                }
              ],
              "value": "A missing Brute-Force protection in CODESYS Development System prior to 3.5.19.20 allows a local attacker to have unlimited attempts of guessing the password within an import dialog."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-307",
                  "description": "CWE-307 Improper Restriction of Excessive Authentication Attempts",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-03T11:11:05.068Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2023-023"
            }
          ],
          "source": {
            "advisory": "VDE-2023-023",
            "defect": [
              "CERT@VDE#64562"
            ],
            "discovery": "UNKNOWN"
          },
          "title": "CODESYS: Missing Brute-Force protection in CODESYS Development System",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2023-3669",
        "datePublished": "2023-08-03T11:11:05.068Z",
        "dateReserved": "2023-07-14T07:42:23.825Z",
        "dateUpdated": "2025-02-27T21:11:19.916Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-37559 (GCVE-0-2023-37559)

    Vulnerability from cvelistv5 – Published: 2023-08-03 11:06 – Updated: 2024-10-11 18:09
    VLAI
    Title
    CODESYS Improper Validation of Consistency within Input in multiple products
    Summary
    After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37558
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    CODESYS CODESYS Control for BeagleBone SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for emPC-A/iMX6 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for IOT2000 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Linux SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC100 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC200 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PLCnext SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Raspberry Pi SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for WAGO Touch Panels 600 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (for Beckhoff CX) SL Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Runtime System Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Win (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Development System V3 Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS HMI (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Safety SIL2 Runtime Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    Date Public
    2023-08-03 10:30
    Credits
    Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:16:30.700Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2023-019/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-37559",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-11T18:07:28.102576Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-11T18:09:05.823Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for BeagleBone SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for emPC-A/iMX6 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for IOT2000 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Linux SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC100 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC200 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PLCnext SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Raspberry Pi SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for WAGO Touch Panels 600 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (for Beckhoff CX) SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Runtime System Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Win (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Development System V3",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS HMI (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Safety SIL2 Runtime Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft"
            }
          ],
          "datePublic": "2023-08-03T10:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37558"
                }
              ],
              "value": "After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37558"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-03T11:06:56.079Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2023-019/"
            }
          ],
          "source": {
            "advisory": "VDE-2023-019",
            "defect": [
              "CERT@VDE#64558"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "CODESYS Improper Validation of Consistency within Input in multiple products",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2023-37559",
        "datePublished": "2023-08-03T11:06:56.079Z",
        "dateReserved": "2023-07-07T07:39:19.122Z",
        "dateUpdated": "2024-10-11T18:09:05.823Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-37558 (GCVE-0-2023-37558)

    Vulnerability from cvelistv5 – Published: 2023-08-03 11:06 – Updated: 2024-10-11 18:09
    VLAI
    Title
    CODESYS Improper Validation of Consistency within Input in multiple products
    Summary
    After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37559
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    CODESYS CODESYS Control for BeagleBone SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for emPC-A/iMX6 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for IOT2000 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Linux SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC100 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC200 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PLCnext SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Raspberry Pi SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for WAGO Touch Panels 600 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (for Beckhoff CX) SL Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Runtime System Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Win (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Development System V3 Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS HMI (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Safety SIL2 Runtime Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    Date Public
    2023-08-03 10:30
    Credits
    Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:16:30.767Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2023-019/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-37558",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-11T18:07:13.616622Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-11T18:09:20.780Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for BeagleBone SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for emPC-A/iMX6 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for IOT2000 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Linux SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC100 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC200 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PLCnext SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Raspberry Pi SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for WAGO Touch Panels 600 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (for Beckhoff CX) SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Runtime System Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Win (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Development System V3",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS HMI (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Safety SIL2 Runtime Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft"
            }
          ],
          "datePublic": "2023-08-03T10:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37559"
                }
              ],
              "value": "After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37559"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-03T11:06:36.112Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2023-019/"
            }
          ],
          "source": {
            "advisory": "VDE-2023-019",
            "defect": [
              "CERT@VDE#64558"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "CODESYS Improper Validation of Consistency within Input in multiple products",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2023-37558",
        "datePublished": "2023-08-03T11:06:36.112Z",
        "dateReserved": "2023-07-07T07:39:19.121Z",
        "dateUpdated": "2024-10-11T18:09:20.780Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-37557 (GCVE-0-2023-37557)

    Vulnerability from cvelistv5 – Published: 2023-08-03 11:06 – Updated: 2024-10-09 20:52
    VLAI
    Title
    CODESYS Heap-based Buffer Overflow in multiple products
    Summary
    After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted remote communication requests can cause the CmpAppBP component to overwrite a heap-based buffer, which can lead to a denial-of-service condition.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    CODESYS CODESYS Control for BeagleBone SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for emPC-A/iMX6 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for IOT2000 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Linux SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC100 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC200 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PLCnext SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Raspberry Pi SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for WAGO Touch Panels 600 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (for Beckhoff CX) SL Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Runtime System Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Win (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Development System V3 Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS HMI (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Safety SIL2 Runtime Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    Date Public
    2023-08-03 10:30
    Credits
    Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:16:30.379Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2023-019/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-37557",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-09T20:48:56.664856Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-09T20:52:16.817Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for BeagleBone SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for emPC-A/iMX6 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for IOT2000 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Linux SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC100 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC200 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PLCnext SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Raspberry Pi SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for WAGO Touch Panels 600 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (for Beckhoff CX) SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Runtime System Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Win (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Development System V3",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS HMI (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Safety SIL2 Runtime Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft"
            }
          ],
          "datePublic": "2023-08-03T10:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted remote communication requests can cause the CmpAppBP component to overwrite a heap-based buffer, which can lead to a denial-of-service condition."
                }
              ],
              "value": "After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted remote communication requests can cause the CmpAppBP component to overwrite a heap-based buffer, which can lead to a denial-of-service condition."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787 Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-03T11:06:17.884Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2023-019/"
            }
          ],
          "source": {
            "advisory": "VDE-2023-019",
            "defect": [
              "CERT@VDE#64558"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "CODESYS Heap-based Buffer Overflow in multiple products",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2023-37557",
        "datePublished": "2023-08-03T11:06:17.884Z",
        "dateReserved": "2023-07-07T07:39:19.121Z",
        "dateUpdated": "2024-10-09T20:52:16.817Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-37556 (GCVE-0-2023-37556)

    Vulnerability from cvelistv5 – Published: 2023-08-03 11:05 – Updated: 2024-10-09 20:52
    VLAI
    Title
    CODESYS Improper Input Validation in CmpAppBP
    Summary
    In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37554 and CVE-2023-37555.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    CODESYS CODESYS Control for BeagleBone SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for emPC-A/iMX6 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for IOT2000 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Linux SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC100 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC200 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PLCnext SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Raspberry Pi SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for WAGO Touch Panels 600 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (for Beckhoff CX) SL Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Runtime System Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Win (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Development System V3 Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS HMI (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Safety SIL2 Runtime Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    Date Public
    2023-08-03 10:30
    Credits
    Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:16:30.852Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2023-019/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-37556",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-09T20:49:03.697246Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-09T20:52:36.722Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for BeagleBone SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for emPC-A/iMX6 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for IOT2000 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Linux SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC100 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC200 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PLCnext SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Raspberry Pi SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for WAGO Touch Panels 600 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (for Beckhoff CX) SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Runtime System Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Win (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Development System V3",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS HMI (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Safety SIL2 Runtime Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft"
            }
          ],
          "datePublic": "2023-08-03T10:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to\u0026nbsp;CVE-2023-37552,\u0026nbsp;CVE-2023-37553,\u0026nbsp;CVE-2023-37554 and CVE-2023-37555.\u003cbr\u003e\u003cbr\u003e"
                }
              ],
              "value": "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to\u00a0CVE-2023-37552,\u00a0CVE-2023-37553,\u00a0CVE-2023-37554 and CVE-2023-37555.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-03T11:05:52.986Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2023-019/"
            }
          ],
          "source": {
            "advisory": "VDE-2023-019",
            "defect": [
              "CERT@VDE#64558"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "CODESYS Improper Input Validation in CmpAppBP",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2023-37556",
        "datePublished": "2023-08-03T11:05:52.986Z",
        "dateReserved": "2023-07-07T07:39:19.120Z",
        "dateUpdated": "2024-10-09T20:52:36.722Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-37555 (GCVE-0-2023-37555)

    Vulnerability from cvelistv5 – Published: 2023-08-03 11:05 – Updated: 2024-10-09 20:52
    VLAI
    Title
    CODESYS Improper Input Validation in CmpAppBP
    Summary
    In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37554 and CVE-2023-37556.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    CODESYS CODESYS Control for BeagleBone SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for emPC-A/iMX6 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for IOT2000 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Linux SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC100 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC200 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PLCnext SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Raspberry Pi SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for WAGO Touch Panels 600 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (for Beckhoff CX) SL Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Runtime System Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Win (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Development System V3 Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS HMI (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Safety SIL2 Runtime Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    Credits
    Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:16:30.445Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2023-019/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-37555",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-09T20:49:10.954455Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-09T20:52:51.974Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for BeagleBone SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for emPC-A/iMX6 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for IOT2000 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Linux SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC100 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC200 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PLCnext SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Raspberry Pi SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for WAGO Touch Panels 600 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (for Beckhoff CX) SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Runtime System Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Win (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Development System V3",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS HMI (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Safety SIL2 Runtime Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to\u0026nbsp;CVE-2023-37552,\u0026nbsp;CVE-2023-37553,\u0026nbsp;CVE-2023-37554 and\u0026nbsp;CVE-2023-37556.\u003cbr\u003e\u003cbr\u003e"
                }
              ],
              "value": "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to\u00a0CVE-2023-37552,\u00a0CVE-2023-37553,\u00a0CVE-2023-37554 and\u00a0CVE-2023-37556.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-03T11:05:33.660Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2023-019/"
            }
          ],
          "source": {
            "advisory": "VDE-2023-019",
            "defect": [
              "CERT@VDE#64558"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "CODESYS Improper Input Validation in CmpAppBP",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2023-37555",
        "datePublished": "2023-08-03T11:05:33.660Z",
        "dateReserved": "2023-07-07T07:39:19.120Z",
        "dateUpdated": "2024-10-09T20:52:51.974Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-37554 (GCVE-0-2023-37554)

    Vulnerability from cvelistv5 – Published: 2023-08-03 11:05 – Updated: 2024-10-11 18:09
    VLAI
    Title
    CODESYS Improper Input Validation in CmpAppBP
    Summary
    In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37555 and CVE-2023-37556.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    CODESYS CODESYS Control for BeagleBone SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for emPC-A/iMX6 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for IOT2000 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Linux SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC100 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC200 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PLCnext SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Raspberry Pi SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for WAGO Touch Panels 600 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (for Beckhoff CX) SL Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Runtime System Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Win (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Development System V3 Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS HMI (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Safety SIL2 Runtime Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    Date Public
    2023-08-03 10:30
    Credits
    Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:16:30.422Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2023-019/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-37554",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-11T18:05:06.756495Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-11T18:09:34.979Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for BeagleBone SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for emPC-A/iMX6 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for IOT2000 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Linux SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC100 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC200 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PLCnext SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Raspberry Pi SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for WAGO Touch Panels 600 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (for Beckhoff CX) SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Runtime System Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Win (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Development System V3",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS HMI (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Safety SIL2 Runtime Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft"
            }
          ],
          "datePublic": "2023-08-03T10:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to\u0026nbsp;CVE-2023-37552,\u0026nbsp;CVE-2023-37553, CVE-2023-37555 and\u0026nbsp;CVE-2023-37556.\u003cbr\u003e\u003cbr\u003e"
                }
              ],
              "value": "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to\u00a0CVE-2023-37552,\u00a0CVE-2023-37553, CVE-2023-37555 and\u00a0CVE-2023-37556.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-03T11:05:09.750Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2023-019/"
            }
          ],
          "source": {
            "advisory": "VDE-2023-019",
            "defect": [
              "CERT@VDE#64558"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "CODESYS Improper Input Validation in CmpAppBP",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2023-37554",
        "datePublished": "2023-08-03T11:05:09.750Z",
        "dateReserved": "2023-07-07T07:39:16.323Z",
        "dateUpdated": "2024-10-11T18:09:34.979Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-37553 (GCVE-0-2023-37553)

    Vulnerability from cvelistv5 – Published: 2023-08-03 11:04 – Updated: 2024-10-11 18:10
    VLAI
    Title
    CODESYS Improper Input Validation in CmpAppBP
    Summary
    In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37554, CVE-2023-37555 and CVE-2023-37556.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    References
    Impacted products
    Vendor Product Version
    CODESYS CODESYS Control for BeagleBone SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for emPC-A/iMX6 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for IOT2000 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Linux SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC100 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PFC200 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for PLCnext SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for Raspberry Pi SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control for WAGO Touch Panels 600 SL Affected: 0 , < V4.10.0.0 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (for Beckhoff CX) SL Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control RTE (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Runtime System Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Control Win (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Development System V3 Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS HMI (SL) Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    CODESYS CODESYS Safety SIL2 Runtime Toolkit Affected: 0 , < V3.5.19.20 (semver)
    Create a notification for this product.
    Date Public
    2023-08-03 10:30
    Credits
    Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T17:16:30.602Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://cert.vde.com/en/advisories/VDE-2023-019/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-37553",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-11T18:05:01.815292Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-11T18:10:16.403Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for BeagleBone SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for emPC-A/iMX6 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for IOT2000 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Linux SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC100 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PFC200 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for PLCnext SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for Raspberry Pi SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control for WAGO Touch Panels 600 SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V4.10.0.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (for Beckhoff CX) SL",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control RTE (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Runtime System Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Control Win (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Development System V3",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS HMI (SL)",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "CODESYS Safety SIL2 Runtime Toolkit",
              "vendor": "CODESYS",
              "versions": [
                {
                  "lessThan": "V3.5.19.20",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft"
            }
          ],
          "datePublic": "2023-08-03T10:30:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to\u0026nbsp;CVE-2023-37552,\u0026nbsp;CVE-2023-37554,\u0026nbsp;CVE-2023-37555 and\u0026nbsp;CVE-2023-37556.\u003cbr\u003e\u003cbr\u003e"
                }
              ],
              "value": "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to\u00a0CVE-2023-37552,\u00a0CVE-2023-37554,\u00a0CVE-2023-37555 and\u00a0CVE-2023-37556.\n\n"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-08-03T11:04:39.061Z",
            "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
            "shortName": "CERTVDE"
          },
          "references": [
            {
              "url": "https://cert.vde.com/en/advisories/VDE-2023-019/"
            }
          ],
          "source": {
            "advisory": "VDE-2023-019",
            "defect": [
              "CERT@VDE#64558"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "CODESYS Improper Input Validation in CmpAppBP",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "assignerShortName": "CERTVDE",
        "cveId": "CVE-2023-37553",
        "datePublished": "2023-08-03T11:04:39.061Z",
        "dateReserved": "2023-07-07T07:39:16.323Z",
        "dateUpdated": "2024-10-11T18:10:16.403Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }