Action not permitted
Modal body text goes here.
wid-sec-w-2023-0825
Vulnerability from csaf_certbund
Published
2023-04-02 22:00
Modified
2023-04-02 22:00
Summary
ABB AC-500: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Die ABB AC-500 ist eine speicherprogrammierbare Steuerung (SPS).
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in ABB AC-500 ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, einen Denial of Service Zustand herbeizuführen oder Dateien zu manipulieren.
Betroffene Betriebssysteme
- BIOS/Firmware
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Die ABB AC-500 ist eine speicherprogrammierbare Steuerung (SPS).",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in ABB AC-500 ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Dateien zu manipulieren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- BIOS/Firmware",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-0825 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0825.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-0825 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0825"
},
{
"category": "external",
"summary": "ABB Security Advisory vom 2023-04-02",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=3ADR011162\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"source_lang": "en-US",
"title": "ABB AC-500: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-04-02T22:00:00.000+00:00",
"generator": {
"date": "2024-02-15T17:21:39.810+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.0"
}
},
"id": "WID-SEC-W-2023-0825",
"initial_release_date": "2023-04-02T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-04-02T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "ABB AC-500 \u003c 2.8.6",
"product": {
"name": "ABB AC-500 \u003c 2.8.6",
"product_id": "T027047",
"product_identification_helper": {
"cpe": "cpe:/h:abb:ac-500:2.8.6"
}
}
}
],
"category": "vendor",
"name": "ABB"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-32143",
"notes": [
{
"category": "description",
"text": "In ABB AC-500 existieren mehrere Schwachstellen. Diese sind auf einen Out-of-Bounds-Lesefehler, Fehler beim Error-Handling, einer unzureichend verschl\u00fcsselten Kommunikation, Speicherfehler sowie Fehler in Funktionen zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Dateien zu manipulieren."
}
],
"release_date": "2023-04-02T22:00:00Z",
"title": "CVE-2022-32143"
},
{
"cve": "CVE-2022-32142",
"notes": [
{
"category": "description",
"text": "In ABB AC-500 existieren mehrere Schwachstellen. Diese sind auf einen Out-of-Bounds-Lesefehler, Fehler beim Error-Handling, einer unzureichend verschl\u00fcsselten Kommunikation, Speicherfehler sowie Fehler in Funktionen zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Dateien zu manipulieren."
}
],
"release_date": "2023-04-02T22:00:00Z",
"title": "CVE-2022-32142"
},
{
"cve": "CVE-2022-32141",
"notes": [
{
"category": "description",
"text": "In ABB AC-500 existieren mehrere Schwachstellen. Diese sind auf einen Out-of-Bounds-Lesefehler, Fehler beim Error-Handling, einer unzureichend verschl\u00fcsselten Kommunikation, Speicherfehler sowie Fehler in Funktionen zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Dateien zu manipulieren."
}
],
"release_date": "2023-04-02T22:00:00Z",
"title": "CVE-2022-32141"
},
{
"cve": "CVE-2022-32140",
"notes": [
{
"category": "description",
"text": "In ABB AC-500 existieren mehrere Schwachstellen. Diese sind auf einen Out-of-Bounds-Lesefehler, Fehler beim Error-Handling, einer unzureichend verschl\u00fcsselten Kommunikation, Speicherfehler sowie Fehler in Funktionen zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Dateien zu manipulieren."
}
],
"release_date": "2023-04-02T22:00:00Z",
"title": "CVE-2022-32140"
},
{
"cve": "CVE-2022-32139",
"notes": [
{
"category": "description",
"text": "In ABB AC-500 existieren mehrere Schwachstellen. Diese sind auf einen Out-of-Bounds-Lesefehler, Fehler beim Error-Handling, einer unzureichend verschl\u00fcsselten Kommunikation, Speicherfehler sowie Fehler in Funktionen zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Dateien zu manipulieren."
}
],
"release_date": "2023-04-02T22:00:00Z",
"title": "CVE-2022-32139"
},
{
"cve": "CVE-2022-32138",
"notes": [
{
"category": "description",
"text": "In ABB AC-500 existieren mehrere Schwachstellen. Diese sind auf einen Out-of-Bounds-Lesefehler, Fehler beim Error-Handling, einer unzureichend verschl\u00fcsselten Kommunikation, Speicherfehler sowie Fehler in Funktionen zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Dateien zu manipulieren."
}
],
"release_date": "2023-04-02T22:00:00Z",
"title": "CVE-2022-32138"
},
{
"cve": "CVE-2022-32137",
"notes": [
{
"category": "description",
"text": "In ABB AC-500 existieren mehrere Schwachstellen. Diese sind auf einen Out-of-Bounds-Lesefehler, Fehler beim Error-Handling, einer unzureichend verschl\u00fcsselten Kommunikation, Speicherfehler sowie Fehler in Funktionen zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Dateien zu manipulieren."
}
],
"release_date": "2023-04-02T22:00:00Z",
"title": "CVE-2022-32137"
},
{
"cve": "CVE-2022-32136",
"notes": [
{
"category": "description",
"text": "In ABB AC-500 existieren mehrere Schwachstellen. Diese sind auf einen Out-of-Bounds-Lesefehler, Fehler beim Error-Handling, einer unzureichend verschl\u00fcsselten Kommunikation, Speicherfehler sowie Fehler in Funktionen zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Dateien zu manipulieren."
}
],
"release_date": "2023-04-02T22:00:00Z",
"title": "CVE-2022-32136"
},
{
"cve": "CVE-2022-3192",
"notes": [
{
"category": "description",
"text": "In ABB AC-500 existieren mehrere Schwachstellen. Diese sind auf einen Out-of-Bounds-Lesefehler, Fehler beim Error-Handling, einer unzureichend verschl\u00fcsselten Kommunikation, Speicherfehler sowie Fehler in Funktionen zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Dateien zu manipulieren."
}
],
"release_date": "2023-04-02T22:00:00Z",
"title": "CVE-2022-3192"
},
{
"cve": "CVE-2022-31805",
"notes": [
{
"category": "description",
"text": "In ABB AC-500 existieren mehrere Schwachstellen. Diese sind auf einen Out-of-Bounds-Lesefehler, Fehler beim Error-Handling, einer unzureichend verschl\u00fcsselten Kommunikation, Speicherfehler sowie Fehler in Funktionen zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Dateien zu manipulieren."
}
],
"release_date": "2023-04-02T22:00:00Z",
"title": "CVE-2022-31805"
},
{
"cve": "CVE-2022-1965",
"notes": [
{
"category": "description",
"text": "In ABB AC-500 existieren mehrere Schwachstellen. Diese sind auf einen Out-of-Bounds-Lesefehler, Fehler beim Error-Handling, einer unzureichend verschl\u00fcsselten Kommunikation, Speicherfehler sowie Fehler in Funktionen zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Dateien zu manipulieren."
}
],
"release_date": "2023-04-02T22:00:00Z",
"title": "CVE-2022-1965"
},
{
"cve": "CVE-2021-34595",
"notes": [
{
"category": "description",
"text": "In ABB AC-500 existieren mehrere Schwachstellen. Diese sind auf einen Out-of-Bounds-Lesefehler, Fehler beim Error-Handling, einer unzureichend verschl\u00fcsselten Kommunikation, Speicherfehler sowie Fehler in Funktionen zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Dateien zu manipulieren."
}
],
"release_date": "2023-04-02T22:00:00Z",
"title": "CVE-2021-34595"
}
]
}
cve-2022-31805
Vulnerability from cvelistv5
Published
2022-06-24 07:46
Modified
2024-09-16 18:55
Severity ?
EPSS score ?
Summary
Insecure transmission of credentials
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:01.086Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17140\u0026token=6aa2c5c4a8b83b8b09936fefed5b0b11f9d2cc6c\u0026download="
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CODESYS Development System",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V2.3.9.69",
"status": "affected",
"version": "V2",
"versionType": "custom"
},
{
"lessThan": "V3.5.18.30",
"status": "affected",
"version": "V3",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Gateway Client",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V2.3.9.38",
"status": "affected",
"version": "V2",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Gateway Server",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V2.3.9.38",
"status": "affected",
"version": "V2",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Web server",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V1.1.9.23",
"status": "affected",
"version": "V1",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS SP Realtime NT",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V2.3.7.30",
"status": "affected",
"version": "V2",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS PLCWinNT",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V2.4.7.57",
"status": "affected",
"version": "V2",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Runtime Toolkit 32 bit full",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V2.4.7.57",
"status": "affected",
"version": "V2",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Edge Gateway for Windows",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V3.5.18.30",
"status": "affected",
"version": "V3",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS HMI (SL)",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V3.5.18.30",
"status": "affected",
"version": "V3",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS OPC DA Server SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V3.5.18.30",
"status": "affected",
"version": "V3",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS PLCHandler",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V3.5.18.30",
"status": "affected",
"version": "V3",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Gateway",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V3.5.18.30",
"status": "affected",
"version": "V3",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-06-22T22:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between clients and servers unprotected.\u003c/p\u003e"
}
],
"value": "In the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between clients and servers unprotected."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-523",
"description": "CWE-523 Unprotected Transport of Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-09T12:54:39.506Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17140\u0026token=6aa2c5c4a8b83b8b09936fefed5b0b11f9d2cc6c\u0026download="
}
],
"source": {
"defect": [
"CERT@VDE#",
"64140"
],
"discovery": "UNKNOWN"
},
"title": "Insecure transmission of credentials",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "info@cert.vde.com",
"DATE_PUBLIC": "2022-06-23T10:00:00.000Z",
"ID": "CVE-2022-31805",
"STATE": "PUBLIC",
"TITLE": "Insecure transmission of credentials"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CODESYS Development System",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V2",
"version_value": "V2.3.9.69"
},
{
"version_affected": "\u003c",
"version_name": "V3",
"version_value": "V3.5.18.20"
}
]
}
},
{
"product_name": "CODESYS Gateway Client",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V2",
"version_value": "V2.3.9.38"
}
]
}
},
{
"product_name": "CODESYS Gateway Server",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V2",
"version_value": "V2.3.9.38"
}
]
}
},
{
"product_name": "CODESYS Web server",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V1",
"version_value": "V1.1.9.23"
}
]
}
},
{
"product_name": "CODESYS SP Realtime NT",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V2",
"version_value": "V2.3.7.30"
}
]
}
},
{
"product_name": "CODESYS PLCWinNT",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V2",
"version_value": "V2.4.7.57"
}
]
}
},
{
"product_name": "CODESYS Runtime Toolkit 32 bit full",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V2",
"version_value": "V2.4.7.57"
}
]
}
},
{
"product_name": "CODESYS Edge Gateway for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V3",
"version_value": "V3.5.18.20"
}
]
}
},
{
"product_name": "CODESYS HMI (SL)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V3",
"version_value": "V3.5.18.20"
}
]
}
},
{
"product_name": "CODESYS OPC DA Server SL",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V3",
"version_value": "V3.5.18.20"
}
]
}
},
{
"product_name": "CODESYS PLCHandler",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V3",
"version_value": "V3.5.18.20"
}
]
}
},
{
"product_name": "CODESYS Gateway",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V3",
"version_value": "V3.5.18.20"
}
]
}
}
]
},
"vendor_name": "CODESYS"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between clients and servers unprotected."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-523 Unprotected Transport of Credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17140\u0026token=6aa2c5c4a8b83b8b09936fefed5b0b11f9d2cc6c\u0026download=",
"refsource": "CONFIRM",
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17140\u0026token=6aa2c5c4a8b83b8b09936fefed5b0b11f9d2cc6c\u0026download="
}
]
},
"source": {
"defect": [
"CERT@VDE#",
"64140"
],
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2022-31805",
"datePublished": "2022-06-24T07:46:15.076016Z",
"dateReserved": "2022-05-30T00:00:00",
"dateUpdated": "2024-09-16T18:55:26.939Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32141
Vulnerability from cvelistv5
Published
2022-06-24 07:46
Modified
2024-09-16 17:27
Severity ?
EPSS score ?
Summary
CODESYS runtime system prone to denial of service due to buffer over read
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| CODESYS | Runtime Toolkit | |
| CODESYS | PLCWinNT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:32:56.012Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download="
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"32 bit"
],
"product": "Runtime Toolkit",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V2.4.7.57",
"status": "affected",
"version": "V2",
"versionType": "custom"
}
]
},
{
"product": "PLCWinNT",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V2.4.7.57",
"status": "affected",
"version": "V2",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-06-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple CODESYS Products are prone to a buffer over read. A low privileged remote attacker may craft a request with an invalid offset, which can cause an internal buffer over-read, resulting in a denial-of-service condition. User interaction is not required."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-126",
"description": "CWE-126 Buffer Over-read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-24T07:46:26",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download="
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CODESYS runtime system prone to denial of service due to buffer over read",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "info@cert.vde.com",
"DATE_PUBLIC": "2022-06-15T07:34:00.000Z",
"ID": "CVE-2022-32141",
"STATE": "PUBLIC",
"TITLE": "CODESYS runtime system prone to denial of service due to buffer over read"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Runtime Toolkit",
"version": {
"version_data": [
{
"platform": "32 bit",
"version_affected": "\u003c",
"version_name": "V2",
"version_value": "V2.4.7.57"
}
]
}
},
{
"product_name": "PLCWinNT",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V2",
"version_value": "V2.4.7.57"
}
]
}
}
]
},
"vendor_name": "CODESYS"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple CODESYS Products are prone to a buffer over read. A low privileged remote attacker may craft a request with an invalid offset, which can cause an internal buffer over-read, resulting in a denial-of-service condition. User interaction is not required."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-126 Buffer Over-read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download=",
"refsource": "CONFIRM",
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download="
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2022-32141",
"datePublished": "2022-06-24T07:46:26.865644Z",
"dateReserved": "2022-05-31T00:00:00",
"dateUpdated": "2024-09-16T17:27:44.290Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-1965
Vulnerability from cvelistv5
Published
2022-06-24 07:46
Modified
2024-09-16 17:53
Severity ?
EPSS score ?
Summary
CODESYS runtime system prone to file deletion due to improper error handling
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| CODESYS | Runtime Toolkit | |
| CODESYS | PLCWinNT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:24:43.779Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download="
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"32 bit"
],
"product": "Runtime Toolkit",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V2.4.7.57",
"status": "affected",
"version": "V2",
"versionType": "custom"
}
]
},
{
"product": "PLCWinNT",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V2.4.7.57",
"status": "affected",
"version": "V2",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-06-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple products of CODESYS implement a improper error handling. A low privilege remote attacker may craft a request, which is not properly processed by the error handling. In consequence, the file referenced by the request could be deleted. User interaction is not required."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-755",
"description": "CWE-755 Improper Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-24T07:46:07",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download="
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CODESYS runtime system prone to file deletion due to improper error handling",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "info@cert.vde.com",
"DATE_PUBLIC": "2022-06-15T08:21:00.000Z",
"ID": "CVE-2022-1965",
"STATE": "PUBLIC",
"TITLE": "CODESYS runtime system prone to file deletion due to improper error handling"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Runtime Toolkit",
"version": {
"version_data": [
{
"platform": "32 bit",
"version_affected": "\u003c",
"version_name": "V2",
"version_value": "V2.4.7.57"
}
]
}
},
{
"product_name": "PLCWinNT",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V2",
"version_value": "V2.4.7.57"
}
]
}
}
]
},
"vendor_name": "CODESYS"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple products of CODESYS implement a improper error handling. A low privilege remote attacker may craft a request, which is not properly processed by the error handling. In consequence, the file referenced by the request could be deleted. User interaction is not required."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-755 Improper Handling of Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download=",
"refsource": "CONFIRM",
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download="
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2022-1965",
"datePublished": "2022-06-24T07:46:07.918368Z",
"dateReserved": "2022-06-01T00:00:00",
"dateUpdated": "2024-09-16T17:53:43.937Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32138
Vulnerability from cvelistv5
Published
2022-06-24 07:46
Modified
2024-09-17 01:47
Severity ?
EPSS score ?
Summary
CODESYS runtime system prone to denial of service due to Unexpected Sign Extension
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| CODESYS | Runtime Toolkit | |
| CODESYS | PLCWinNT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:32:56.049Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download="
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"32 bit"
],
"product": "Runtime Toolkit",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V2.4.7.57",
"status": "affected",
"version": "V2",
"versionType": "custom"
}
]
},
{
"product": "PLCWinNT",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V2.4.7.57",
"status": "affected",
"version": "V2",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-06-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In multiple CODESYS products, a remote attacker may craft a request which may cause an unexpected sign extension, resulting in a denial-of-service condition or memory overwrite."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-194",
"description": "CWE-194: Unexpected Sign Extension",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-24T07:46:21",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download="
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CODESYS runtime system prone to denial of service due to Unexpected Sign Extension",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "info@cert.vde.com",
"DATE_PUBLIC": "2022-06-15T12:47:00.000Z",
"ID": "CVE-2022-32138",
"STATE": "PUBLIC",
"TITLE": "CODESYS runtime system prone to denial of service due to Unexpected Sign Extension"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Runtime Toolkit",
"version": {
"version_data": [
{
"platform": "32 bit",
"version_affected": "\u003c",
"version_name": "V2",
"version_value": "V2.4.7.57"
}
]
}
},
{
"product_name": "PLCWinNT",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V2",
"version_value": "V2.4.7.57"
}
]
}
}
]
},
"vendor_name": "CODESYS"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In multiple CODESYS products, a remote attacker may craft a request which may cause an unexpected sign extension, resulting in a denial-of-service condition or memory overwrite."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-194: Unexpected Sign Extension"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download=",
"refsource": "CONFIRM",
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download="
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2022-32138",
"datePublished": "2022-06-24T07:46:21.898779Z",
"dateReserved": "2022-05-31T00:00:00",
"dateUpdated": "2024-09-17T01:47:02.194Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32142
Vulnerability from cvelistv5
Published
2022-06-24 07:46
Modified
2024-09-17 01:00
Severity ?
EPSS score ?
Summary
CODESYS runtime system prone to denial of service due to use of out of range pointer
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| CODESYS | Runtime Toolkit | |
| CODESYS | PLCWinNT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:32:55.956Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download="
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"32 bit"
],
"product": "Runtime Toolkit",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V2.4.7.57",
"status": "affected",
"version": "V2",
"versionType": "custom"
}
]
},
{
"product": "PLCWinNT",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V2.4.7.57",
"status": "affected",
"version": "V2",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-06-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple CODESYS Products are prone to a out-of bounds read or write access. A low privileged remote attacker may craft a request with invalid offset, which can cause an out-of-bounds read or write access, resulting in denial-of-service condition or local memory overwrite, which can lead to a change of local files. User interaction is not required."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-823",
"description": "CWE-823 Use of Out-of-range Pointer Offset",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-24T07:46:28",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download="
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CODESYS runtime system prone to denial of service due to use of out of range pointer",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "info@cert.vde.com",
"DATE_PUBLIC": "2022-06-15T07:38:00.000Z",
"ID": "CVE-2022-32142",
"STATE": "PUBLIC",
"TITLE": "CODESYS runtime system prone to denial of service due to use of out of range pointer"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Runtime Toolkit",
"version": {
"version_data": [
{
"platform": "32 bit",
"version_affected": "\u003c",
"version_name": "V2",
"version_value": "V2.4.7.57"
}
]
}
},
{
"product_name": "PLCWinNT",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V2",
"version_value": "V2.4.7.57"
}
]
}
}
]
},
"vendor_name": "CODESYS"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple CODESYS Products are prone to a out-of bounds read or write access. A low privileged remote attacker may craft a request with invalid offset, which can cause an out-of-bounds read or write access, resulting in denial-of-service condition or local memory overwrite, which can lead to a change of local files. User interaction is not required."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-823 Use of Out-of-range Pointer Offset"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download=",
"refsource": "CONFIRM",
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download="
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2022-32142",
"datePublished": "2022-06-24T07:46:28.408653Z",
"dateReserved": "2022-05-31T00:00:00",
"dateUpdated": "2024-09-17T01:00:49.177Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32140
Vulnerability from cvelistv5
Published
2022-06-24 07:46
Modified
2024-09-16 19:35
Severity ?
EPSS score ?
Summary
CODESYS runtime system prone to denial of service due to buffer copy
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| CODESYS | Runtime Toolkit | |
| CODESYS | PLCWinNT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:32:55.985Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download="
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"32 bit"
],
"product": "Runtime Toolkit",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V2.4.7.57",
"status": "affected",
"version": "V2",
"versionType": "custom"
}
]
},
{
"product": "PLCWinNT",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V2.4.7.57",
"status": "affected",
"version": "V2",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-06-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple CODESYS products are affected to a buffer overflow.A low privileged remote attacker may craft a request, which can cause a buffer copy without checking the size of the service, resulting in a denial-of-service condition. User Interaction is not required."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-24T07:46:25",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download="
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CODESYS runtime system prone to denial of service due to buffer copy",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "info@cert.vde.com",
"DATE_PUBLIC": "2022-06-16T07:31:00.000Z",
"ID": "CVE-2022-32140",
"STATE": "PUBLIC",
"TITLE": "CODESYS runtime system prone to denial of service due to buffer copy"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Runtime Toolkit",
"version": {
"version_data": [
{
"platform": "32 bit",
"version_affected": "\u003c",
"version_name": "V2",
"version_value": "V2.4.7.57"
}
]
}
},
{
"product_name": "PLCWinNT",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V2",
"version_value": "V2.4.7.57"
}
]
}
}
]
},
"vendor_name": "CODESYS"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple CODESYS products are affected to a buffer overflow.A low privileged remote attacker may craft a request, which can cause a buffer copy without checking the size of the service, resulting in a denial-of-service condition. User Interaction is not required."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-120 Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download=",
"refsource": "CONFIRM",
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download="
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2022-32140",
"datePublished": "2022-06-24T07:46:25.218250Z",
"dateReserved": "2022-05-31T00:00:00",
"dateUpdated": "2024-09-16T19:35:27.161Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32137
Vulnerability from cvelistv5
Published
2022-06-24 07:46
Modified
2024-09-16 21:04
Severity ?
EPSS score ?
Summary
CODESYS Runtime System prone to heap based buffer overflow
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| CODESYS | Runtime Toolkit | |
| CODESYS | PLCWinNT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:32:56.007Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download="
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"32 bit"
],
"product": "Runtime Toolkit",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V2.4.7.57",
"status": "affected",
"version": "V2",
"versionType": "custom"
}
]
},
{
"product": "PLCWinNT",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V2.4.7.57",
"status": "affected",
"version": "V2",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-06-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In multiple CODESYS products, a low privileged remote attacker may craft a request, which may cause a heap-based buffer overflow, resulting in a denial-of-service condition or memory overwrite. User interaction is not required."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-24T07:46:20",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download="
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CODESYS Runtime System prone to heap based buffer overflow",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "info@cert.vde.com",
"DATE_PUBLIC": "2022-06-15T12:42:00.000Z",
"ID": "CVE-2022-32137",
"STATE": "PUBLIC",
"TITLE": "CODESYS Runtime System prone to heap based buffer overflow"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Runtime Toolkit",
"version": {
"version_data": [
{
"platform": "32 bit",
"version_affected": "\u003c",
"version_name": "V2",
"version_value": "V2.4.7.57"
}
]
}
},
{
"product_name": "PLCWinNT",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V2",
"version_value": "V2.4.7.57"
}
]
}
}
]
},
"vendor_name": "CODESYS"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In multiple CODESYS products, a low privileged remote attacker may craft a request, which may cause a heap-based buffer overflow, resulting in a denial-of-service condition or memory overwrite. User interaction is not required."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-122 Heap-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download=",
"refsource": "CONFIRM",
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download="
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2022-32137",
"datePublished": "2022-06-24T07:46:20.466345Z",
"dateReserved": "2022-05-31T00:00:00",
"dateUpdated": "2024-09-16T21:04:08.115Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-3192
Vulnerability from cvelistv5
Published
2023-03-31 16:13
Modified
2024-08-03 01:00
Severity ?
EPSS score ?
Summary
Improper Check for Unusual or Exceptional Conditions
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:00:10.643Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=3ADR011162\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://abb.com/plc",
"defaultStatus": "unknown",
"packageName": "PM5xx",
"product": "AC500 V2",
"vendor": "ABB",
"versions": [
{
"lessThan": "2.8.6",
"status": "affected",
"version": "2.0.0",
"versionType": "release"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "ABB thanks the following for working with us to help protect customers: CVE-2022-3192: Parul Sindhwad and Dr. Faruk Kazi of CoE CNDS lab, VJTI, Mumbai (India) for reporting this vulnerability following coordinated disclosure."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Input Validation vulnerability in ABB AC500 V2 PM5xx allows Client-Server Protocol Manipulation.\u003cp\u003eThis issue affects AC500 V2: from 2.0.0 before 2.8.6.\u003c/p\u003e"
}
],
"value": "Improper Input Validation vulnerability in ABB AC500 V2 PM5xx allows Client-Server Protocol Manipulation.This issue affects AC500 V2: from 2.0.0 before 2.8.6.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-220",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-220 Client-Server Protocol Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-13T03:57:46.530Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"url": "https://search.abb.com/library/Download.aspx?DocumentID=3ADR011162\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": " Improper Check for Unusual or Exceptional Conditions",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eUse the communication protocol \"Tcp/Ip\" instead of \"ABB Tcp/Ip Level 2\" (i.e. Port 1201 instead of 1200) for the connection between engineering software and PLC. \u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eThis protocol/port is not affected by the DoS impact of the vulnerability.\u003cbr\u003e\u003c/div\u003e"
}
],
"value": "Use the communication protocol \"Tcp/Ip\" instead of \"ABB Tcp/Ip Level 2\" (i.e. Port 1201 instead of 1200) for the connection between engineering software and PLC. \n\n\nThis protocol/port is not affected by the DoS impact of the vulnerability.\n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2022-3192",
"datePublished": "2023-03-31T16:13:13.149Z",
"dateReserved": "2022-09-13T05:57:45.421Z",
"dateUpdated": "2024-08-03T01:00:10.643Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32136
Vulnerability from cvelistv5
Published
2022-06-24 07:46
Modified
2024-09-16 17:58
Severity ?
EPSS score ?
Summary
Codesys runtime systems: Access of uninitialised pointer lead to denial of service.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| CODESYS | Runtime Toolkit | |
| CODESYS | PLCWinNT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:32:56.014Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download="
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"32 bit"
],
"product": "Runtime Toolkit",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V2.4.7.57",
"status": "affected",
"version": "V2",
"versionType": "custom"
}
]
},
{
"product": "PLCWinNT",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V2.4.7.57",
"status": "affected",
"version": "V2",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-06-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In multiple CODESYS products, a low privileged remote attacker may craft a request that cause a read access to an uninitialized pointer, resulting in a denial-of-service. User interaction is not required."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-824",
"description": "CWE-824 Access of Uninitialized Pointer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-24T07:46:18",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download="
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Codesys runtime systems: Access of uninitialised pointer lead to denial of service.",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "info@cert.vde.com",
"DATE_PUBLIC": "2022-06-15T09:10:00.000Z",
"ID": "CVE-2022-32136",
"STATE": "PUBLIC",
"TITLE": "Codesys runtime systems: Access of uninitialised pointer lead to denial of service."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Runtime Toolkit",
"version": {
"version_data": [
{
"platform": "32 bit",
"version_affected": "\u003c",
"version_name": "V2",
"version_value": "V2.4.7.57"
}
]
}
},
{
"product_name": "PLCWinNT",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V2",
"version_value": "V2.4.7.57"
}
]
}
}
]
},
"vendor_name": "CODESYS"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In multiple CODESYS products, a low privileged remote attacker may craft a request that cause a read access to an uninitialized pointer, resulting in a denial-of-service. User interaction is not required."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-824 Access of Uninitialized Pointer"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download=",
"refsource": "CONFIRM",
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download="
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2022-32136",
"datePublished": "2022-06-24T07:46:18.799994Z",
"dateReserved": "2022-05-31T00:00:00",
"dateUpdated": "2024-09-16T17:58:43.646Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34595
Vulnerability from cvelistv5
Published
2021-10-26 09:55
Modified
2024-09-17 03:42
Severity ?
EPSS score ?
Summary
CODESYS V2 runtime: out-of-bounds read or write access may result in denial-of-service
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| CODESYS | CODESYS V2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:19:47.024Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=16878\u0026token=e5644ec405590e66aefa62304cb8632df9fc9e9c\u0026download="
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CODESYS V2",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V2.4.7.56",
"status": "affected",
"version": "Runtime Toolkit 32 bit full",
"versionType": "custom"
},
{
"lessThan": "V2.4.7.56",
"status": "affected",
"version": "PLCWinNT",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "This issue was reported by Chen Jie and Gao Jian of NSFOCUS."
}
],
"datePublic": "2021-10-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition or local memory overwrite."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-823",
"description": "CWE-823 Use of Out-of-range Pointer Offset",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-26T09:55:52",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=16878\u0026token=e5644ec405590e66aefa62304cb8632df9fc9e9c\u0026download="
}
],
"solutions": [
{
"lang": "en",
"value": "CODESYS GmbH has released the following product versions to solve the noted vulnerability issue for the affected CODESYS products:\n * CODESYS Runtime Toolkit 32 bit full version V2.4.7.56\n * CODESYS PLCWinNT version V2.4.7.56. This will also be part of the CODESYS Development System setup version V2.3.9.68."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "CODESYS V2 runtime: out-of-bounds read or write access may result in denial-of-service",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "info@cert.vde.com",
"DATE_PUBLIC": "2021-10-25T14:00:00.000Z",
"ID": "CVE-2021-34595",
"STATE": "PUBLIC",
"TITLE": "CODESYS V2 runtime: out-of-bounds read or write access may result in denial-of-service"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CODESYS V2",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Runtime Toolkit 32 bit full",
"version_value": "V2.4.7.56"
},
{
"version_affected": "\u003c",
"version_name": "PLCWinNT",
"version_value": "V2.4.7.56"
}
]
}
}
]
},
"vendor_name": "CODESYS"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "This issue was reported by Chen Jie and Gao Jian of NSFOCUS."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition or local memory overwrite."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-823 Use of Out-of-range Pointer Offset"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=16878\u0026token=e5644ec405590e66aefa62304cb8632df9fc9e9c\u0026download=",
"refsource": "CONFIRM",
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=16878\u0026token=e5644ec405590e66aefa62304cb8632df9fc9e9c\u0026download="
}
]
},
"solution": [
{
"lang": "en",
"value": "CODESYS GmbH has released the following product versions to solve the noted vulnerability issue for the affected CODESYS products:\n * CODESYS Runtime Toolkit 32 bit full version V2.4.7.56\n * CODESYS PLCWinNT version V2.4.7.56. This will also be part of the CODESYS Development System setup version V2.3.9.68."
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2021-34595",
"datePublished": "2021-10-26T09:55:52.868387Z",
"dateReserved": "2021-06-10T00:00:00",
"dateUpdated": "2024-09-17T03:42:53.986Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32139
Vulnerability from cvelistv5
Published
2022-06-24 07:46
Modified
2024-09-16 16:13
Severity ?
EPSS score ?
Summary
CODESYS runtime system prone to denial of service due to out of bounds read
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| CODESYS | Runtime Toolkit | |
| CODESYS | PLCWinNT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:32:56.024Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download="
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"32 bit"
],
"product": "Runtime Toolkit",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V2.4.7.57",
"status": "affected",
"version": "V2",
"versionType": "custom"
}
]
},
{
"product": "PLCWinNT",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V2.4.7.57",
"status": "affected",
"version": "V2",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-06-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In multiple CODESYS products, a low privileged remote attacker may craft a request, which cause an out-of-bounds read, resulting in a denial-of-service condition. User Interaction is not required."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-24T07:46:23",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download="
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CODESYS runtime system prone to denial of service due to out of bounds read",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "info@cert.vde.com",
"DATE_PUBLIC": "2022-06-15T07:26:00.000Z",
"ID": "CVE-2022-32139",
"STATE": "PUBLIC",
"TITLE": "CODESYS runtime system prone to denial of service due to out of bounds read"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Runtime Toolkit",
"version": {
"version_data": [
{
"platform": "32 bit",
"version_affected": "\u003c",
"version_name": "V2",
"version_value": "V2.4.7.57"
}
]
}
},
{
"product_name": "PLCWinNT",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V2",
"version_value": "V2.4.7.57"
}
]
}
}
]
},
"vendor_name": "CODESYS"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In multiple CODESYS products, a low privileged remote attacker may craft a request, which cause an out-of-bounds read, resulting in a denial-of-service condition. User Interaction is not required."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125 Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download=",
"refsource": "CONFIRM",
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download="
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2022-32139",
"datePublished": "2022-06-24T07:46:23.482737Z",
"dateReserved": "2022-05-31T00:00:00",
"dateUpdated": "2024-09-16T16:13:22.976Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-32143
Vulnerability from cvelistv5
Published
2022-06-24 07:46
Modified
2024-09-16 17:28
Severity ?
EPSS score ?
Summary
CODESYS runtime system prone to directory acces
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| CODESYS | Runtime Toolkit | |
| CODESYS | PLCWinNT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:32:55.974Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download="
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"32 bit"
],
"product": "Runtime Toolkit",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V2.4.7.57",
"status": "affected",
"version": "V2",
"versionType": "custom"
}
]
},
{
"product": "PLCWinNT",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "V2.4.7.57",
"status": "affected",
"version": "V2",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-06-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In multiple CODESYS products, file download and upload function allows access to internal files in the working directory e.g. firmware files of the PLC. All requests are processed on the controller only if no level 1 password is configured on the controller or if remote attacker has previously successfully authenticated himself to the controller. A successful Attack may lead to a denial of service, change of local files, or drain of confidential Information. User interaction is not required"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552 Files or Directories Accessible to External Parties",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-24T07:46:30",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download="
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CODESYS runtime system prone to directory acces",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "info@cert.vde.com",
"DATE_PUBLIC": "2022-06-15T08:12:00.000Z",
"ID": "CVE-2022-32143",
"STATE": "PUBLIC",
"TITLE": "CODESYS runtime system prone to directory acces"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Runtime Toolkit",
"version": {
"version_data": [
{
"platform": "32 bit",
"version_affected": "\u003c",
"version_name": "V2",
"version_value": "V2.4.7.57"
}
]
}
},
{
"product_name": "PLCWinNT",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "V2",
"version_value": "V2.4.7.57"
}
]
}
}
]
},
"vendor_name": "CODESYS"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In multiple CODESYS products, file download and upload function allows access to internal files in the working directory e.g. firmware files of the PLC. All requests are processed on the controller only if no level 1 password is configured on the controller or if remote attacker has previously successfully authenticated himself to the controller. A successful Attack may lead to a denial of service, change of local files, or drain of confidential Information. User interaction is not required"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-552 Files or Directories Accessible to External Parties"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download=",
"refsource": "CONFIRM",
"url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17139\u0026token=ec67d15a433b61c77154166c20c78036540cacb0\u0026download="
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2022-32143",
"datePublished": "2022-06-24T07:46:30.133019Z",
"dateReserved": "2022-05-31T00:00:00",
"dateUpdated": "2024-09-16T17:28:17.867Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.