CVE-2023-37552
Vulnerability from cvelistv5
Published
2023-08-03 11:04
Modified
2024-10-11 18:10
Severity ?
EPSS score ?
Summary
CODESYS Improper Input Validation in CmpAppBP
References
▼ | URL | Tags | |
---|---|---|---|
info@cert.vde.com | https://cert.vde.com/en/advisories/VDE-2023-019/ | Third Party Advisory |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T17:16:30.508Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://cert.vde.com/en/advisories/VDE-2023-019/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-37552", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-11T18:04:09.376275Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-11T18:10:33.714Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "CODESYS Control for BeagleBone SL", "vendor": "CODESYS", "versions": [ { "lessThan": "V4.10.0.0", "status": "affected", "version": "0", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "CODESYS Control for emPC-A/iMX6 SL", "vendor": "CODESYS", "versions": [ { "lessThan": "V4.10.0.0", "status": "affected", "version": "0", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "CODESYS Control for IOT2000 SL", "vendor": "CODESYS", "versions": [ { "lessThan": "V4.10.0.0", "status": "affected", "version": "0", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "CODESYS Control for Linux SL", "vendor": "CODESYS", "versions": [ { "lessThan": "V4.10.0.0", "status": "affected", "version": "0", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "CODESYS Control for PFC100 SL", "vendor": "CODESYS", "versions": [ { "lessThan": "V4.10.0.0", "status": "affected", "version": "0", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "CODESYS Control for PFC200 SL", "vendor": "CODESYS", "versions": [ { "lessThan": "V4.10.0.0", "status": "affected", "version": "0", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "CODESYS Control for PLCnext SL", "vendor": "CODESYS", "versions": [ { "lessThan": "V4.10.0.0", "status": "affected", "version": "0", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "CODESYS Control for Raspberry Pi SL", "vendor": "CODESYS", "versions": [ { "lessThan": "V4.10.0.0", "status": "affected", "version": "0", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "CODESYS Control for WAGO Touch Panels 600 SL", "vendor": "CODESYS", "versions": [ { "lessThan": "V4.10.0.0", "status": "affected", "version": "0", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "CODESYS Control RTE (for Beckhoff CX) SL", "vendor": "CODESYS", "versions": [ { "lessThan": "V3.5.19.20", "status": "affected", "version": "0", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "CODESYS Control RTE (SL)", "vendor": "CODESYS", "versions": [ { "lessThan": "V3.5.19.20", "status": "affected", "version": "0", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "CODESYS Control Runtime System Toolkit", "vendor": "CODESYS", "versions": [ { "lessThan": "V3.5.19.20", "status": "affected", "version": "0", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "CODESYS Control Win (SL)", "vendor": "CODESYS", "versions": [ { "lessThan": "V3.5.19.20", "status": "affected", "version": "0", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "CODESYS Development System V3", "vendor": "CODESYS", "versions": [ { "lessThan": "V3.5.19.20", "status": "affected", "version": "0", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "CODESYS HMI (SL)", "vendor": "CODESYS", "versions": [ { "lessThan": "V3.5.19.20", "status": "affected", "version": "0", "versionType": "semver" } ] }, { "defaultStatus": "unaffected", "product": "CODESYS Safety SIL2 Runtime Toolkit", "vendor": "CODESYS", "versions": [ { "lessThan": "V3.5.19.20", "status": "affected", "version": "0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Vladimir Tokarev, Section 52, Azure IoT Security at Microsoft" } ], "datePublic": "2023-08-03T10:30:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37553,\u0026nbsp;CVE-2023-37554,\u0026nbsp;CVE-2023-37555 and\u0026nbsp;CVE-2023-37556.\u003cbr\u003e\u003cbr\u003e" } ], "value": "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37553,\u00a0CVE-2023-37554,\u00a0CVE-2023-37555 and\u00a0CVE-2023-37556.\n\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-08-03T11:04:04.128Z", "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "shortName": "CERTVDE" }, "references": [ { "url": "https://cert.vde.com/en/advisories/VDE-2023-019/" } ], "source": { "advisory": "VDE-2023-019", "defect": [ "CERT@VDE#64558" ], "discovery": "EXTERNAL" }, "title": "CODESYS Improper Input Validation in CmpAppBP", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "assignerShortName": "CERTVDE", "cveId": "CVE-2023-37552", "datePublished": "2023-08-03T11:04:04.128Z", "dateReserved": "2023-07-07T07:39:16.323Z", "dateUpdated": "2024-10-11T18:10:33.714Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2023-37552\",\"sourceIdentifier\":\"info@cert.vde.com\",\"published\":\"2023-08-03T12:15:10.353\",\"lastModified\":\"2023-08-08T15:43:03.593\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37553,\u00a0CVE-2023-37554,\u00a0CVE-2023-37555 and\u00a0CVE-2023-37556.\\n\\n\"},{\"lang\":\"es\",\"value\":\"En varias versiones de varios productos Codesys, despu\u00e9s de una autenticaci\u00f3n exitosa como usuario, solicitudes de comunicaci\u00f3n de red espec\u00edficas dise\u00f1adas con contenido inconsistente pueden hacer que el componente CmpAppBP lea internamente desde una direcci\u00f3n no v\u00e1lida, lo que podr\u00eda provocar una condici\u00f3n de denegaci\u00f3n de servicio. Esta vulnerabilidad es diferente a CVE-2023-37553, CVE-2023-37554, CVE-2023-37555 y CVE-2023-37556.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6},{\"source\":\"info@cert.vde.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]},{\"source\":\"info@cert.vde.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.10.0.0\",\"matchCriteriaId\":\"80D9DB34-C2BD-441F-B8D9-02EFA27BECD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:codesys:control_for_empc-a\\\\/imx6_sl:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.10.0.0\",\"matchCriteriaId\":\"49AA0C0C-F2F2-4F11-9615-FDCA6BC410B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.10.0.0\",\"matchCriteriaId\":\"74FE662F-5397-4CB7-9243-1E6ED0AAEC29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.10.0.0\",\"matchCriteriaId\":\"8896E77C-EB29-4CB9-BC98-D5A34791A961\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.10.0.0\",\"matchCriteriaId\":\"56101551-21ED-4409-9932-9EFA225AF20C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.10.0.0\",\"matchCriteriaId\":\"C1239AA8-B094-4DA3-82B7-38F85B6C3940\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.10.0.0\",\"matchCriteriaId\":\"BAA7FE72-41A0-42E7-8E66-9B4A50A5B08F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.10.0.0\",\"matchCriteriaId\":\"C248B53C-3C09-4068-9E57-8F9A4D2B7AD0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.10.0.0\",\"matchCriteriaId\":\"C7995687-1BCD-454D-8546-52B80B5F22B0\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.5.19.20\",\"matchCriteriaId\":\"BAFC253D-32BC-4B9E-BDEE-CFFDCDBBE9FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:codesys:control_rte_sl_\\\\(for_beckhoff_cx\\\\):*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.5.19.20\",\"matchCriteriaId\":\"297D8781-B331-40B2-BD34-0041A316D5C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.5.19.20\",\"matchCriteriaId\":\"DA76230A-C7E7-4223-BAB7-4CDE8F5CB5DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.5.19.20\",\"matchCriteriaId\":\"09CC9B78-B3B4-4D49-9F23-DC5C80D52588\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.5.19.20\",\"matchCriteriaId\":\"ACDCB65A-1328-422D-99A0-1D0FFE9AC793\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.5.19.20\",\"matchCriteriaId\":\"81E2FE85-347D-42DE-9360-D5DB79AAD085\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:codesys:safety_sil2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.5.19.20\",\"matchCriteriaId\":\"A7DF2418-1EC1-4672-941E-098EBC9BDF4F\"}]}]}],\"references\":[{\"url\":\"https://cert.vde.com/en/advisories/VDE-2023-019/\",\"source\":\"info@cert.vde.com\",\"tags\":[\"Third Party Advisory\"]}]}}" } }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.