Vulnerability-Lookup

CVE-2023-3662 (GCVE-0-2023-3662)

Vulnerability from cvelistv5 – Published: 2023-08-03 10:55 – Updated: 2025-02-27 21:11

Title

CODESYS: Vulnerability in CODESYS Development System allows for execution of binaries

Summary

In CODESYS Development System versions from 3.5.17.0 and prior to 3.5.19.20 a vulnerability allows for execution of binaries from the current working directory in the users context .

Severity

7.3 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-427 - Uncontrolled Search Path Element

Assigner

CERTVDE

References

1 reference

URL	Tags
https://cert.vde.com/en/advisories/VDE-2023-021/

Impacted products

1 product

Vendor	Product	Version
CODESYS	CODESYS Development System	Affected: 3.5.17.0 , < 3.5.19.20 (semver)

Date Public

2023-08-03 10:30

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T07:01:57.375Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en/advisories/VDE-2023-021/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-3662",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-26T21:54:27.291596Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-27T21:11:28.683Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "CODESYS Development System",
          "vendor": "CODESYS",
          "versions": [
            {
              "lessThan": "3.5.19.20",
              "status": "affected",
              "version": "3.5.17.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "datePublic": "2023-08-03T10:30:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "In CODESYS Development System versions from 3.5.17.0 and prior to 3.5.19.20 a vulnerability allows for execution of binaries from the current working directory in the users context ."
            }
          ],
          "value": "In CODESYS Development System versions from 3.5.17.0 and prior to 3.5.19.20 a vulnerability allows for execution of binaries from the current working directory in the users context ."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-427",
              "description": "CWE-427 Uncontrolled Search Path Element",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-03T10:55:43.844Z",
        "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "shortName": "CERTVDE"
      },
      "references": [
        {
          "url": "https://cert.vde.com/en/advisories/VDE-2023-021/"
        }
      ],
      "source": {
        "advisory": "VDE-2023-021",
        "defect": [
          "CERT@VDE#64560"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "CODESYS: Vulnerability in CODESYS Development System allows for execution of binaries",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
    "assignerShortName": "CERTVDE",
    "cveId": "CVE-2023-3662",
    "datePublished": "2023-08-03T10:55:43.844Z",
    "dateReserved": "2023-07-13T12:54:10.262Z",
    "dateUpdated": "2025-02-27T21:11:28.683Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2023-3662",
      "date": "2026-05-30",
      "epss": "0.00032",
      "percentile": "0.09706"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-3662\",\"sourceIdentifier\":\"info@cert.vde.com\",\"published\":\"2023-08-03T11:15:09.977\",\"lastModified\":\"2024-11-21T08:17:47.047\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In CODESYS Development System versions from 3.5.17.0 and prior to 3.5.19.20 a vulnerability allows for execution of binaries from the current working directory in the users context .\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"info@cert.vde.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.3,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"info@cert.vde.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-427\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.5.17.0\",\"versionEndExcluding\":\"3.5.19.20\",\"matchCriteriaId\":\"D282EA7A-7746-4B5F-B24D-6BA88F95D8FA\"}]}]}],\"references\":[{\"url\":\"https://cert.vde.com/en/advisories/VDE-2023-021/\",\"source\":\"info@cert.vde.com\",\"tags\":[\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://cert.vde.com/en/advisories/VDE-2023-021/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"cna\": {\"affected\": [{\"defaultStatus\": \"unaffected\", \"product\": \"CODESYS Development System\", \"vendor\": \"CODESYS\", \"versions\": [{\"lessThan\": \"3.5.19.20\", \"status\": \"affected\", \"version\": \"3.5.17.0\", \"versionType\": \"semver\"}]}], \"datePublic\": \"2023-08-03T10:30:00.000Z\", \"descriptions\": [{\"lang\": \"en\", \"supportingMedia\": [{\"base64\": false, \"type\": \"text/html\", \"value\": \"In CODESYS Development System versions from 3.5.17.0 and prior to 3.5.19.20 a vulnerability allows for execution of binaries from the current working directory in the users context .\"}], \"value\": \"In CODESYS Development System versions from 3.5.17.0 and prior to 3.5.19.20 a vulnerability allows for execution of binaries from the current working directory in the users context .\"}], \"metrics\": [{\"cvssV3_1\": {\"attackComplexity\": \"LOW\", \"attackVector\": \"LOCAL\", \"availabilityImpact\": \"HIGH\", \"baseScore\": 7.3, \"baseSeverity\": \"HIGH\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"scope\": \"UNCHANGED\", \"userInteraction\": \"REQUIRED\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H\", \"version\": \"3.1\"}, \"format\": \"CVSS\", \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"problemTypes\": [{\"descriptions\": [{\"cweId\": \"CWE-427\", \"description\": \"CWE-427 Uncontrolled Search Path Element\", \"lang\": \"en\", \"type\": \"CWE\"}]}], \"providerMetadata\": {\"orgId\": \"270ccfa6-a436-4e77-922e-914ec3a9685c\", \"shortName\": \"CERTVDE\", \"dateUpdated\": \"2023-08-03T10:55:43.844Z\"}, \"references\": [{\"url\": \"https://cert.vde.com/en/advisories/VDE-2023-021/\"}], \"source\": {\"advisory\": \"VDE-2023-021\", \"defect\": [\"CERT@VDE#64560\"], \"discovery\": \"EXTERNAL\"}, \"title\": \"CODESYS: Vulnerability in CODESYS Development System allows for execution of binaries\", \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}}, \"adp\": [{\"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T07:01:57.375Z\"}, \"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://cert.vde.com/en/advisories/VDE-2023-021/\", \"tags\": [\"x_transferred\"]}]}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-3662\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-26T21:54:27.291596Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-26T20:40:32.700Z\"}}]}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-3662\", \"assignerOrgId\": \"270ccfa6-a436-4e77-922e-914ec3a9685c\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"CERTVDE\", \"dateReserved\": \"2023-07-13T12:54:10.262Z\", \"datePublished\": \"2023-08-03T10:55:43.844Z\", \"dateUpdated\": \"2025-02-27T21:11:28.683Z\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

VDE-2023-068

Vulnerability from csaf_wagogmbhcokg - Published: 2024-05-21 06:00 - Updated: 2024-05-21 06:00

Summary

WAGO: Multiple Vulnerabilities in e!Cockpit and e!Runtime / CODESYS Runtime

Notes

Summary: The following vulnerabilities are published with reference to CODESYS Advisory 2023-05, CODESYS Advisory 2023-06 and CODESYS Advisory 2023-09

Impact: Please refer to the official CODESYS Advisories: Advisory2023-05_CDS-85189 Advisory2023-06_CDS-85457 Advisory2023-09_SCRIPT-44 Website at https://www.codesys.com/security/security-reports.html

Mitigation: Depending on the vulnerability there are possible mitigations: Vulnerability of CODESYS Advisory 2023-05: - This vulnerability exists in the CODESYS programming service which is needed for commission only. Deactivate the CODESYS programming port in the web-based management if you do not need the service. In addition to the mitigation hints CODESYS GmbH recommends the following general defense measures to reduce the risk of exploits: - Use controllers and devices only in a protected environment to minimize network exposure and ensure they are not accessible from outside. - Use firewalls to protect and separate the control system network from other networks. - Use VPN (Virtual Private Networks) tunnels if remote access is required. - Activate and apply user management and password features. - Use encrypted communication links. - Limit the access to both development and control system by physical means, operating system features, etc. - Protect both development and control system by using up to date virus detection solutions. For further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html

Remediation: ### Fixed Firmware 3 | Product | Status | |-------------|-----------| | 750-8000 | available | | 750-8001 | available | ### Fixed Firmware 26 #### Compact Controller 100 family | Product | Status | |---------------------|-----------| | 751-9301/xxx-xxx | available | | 751-9401/xxx-xxx | available | #### PFC 100 family | Product | Status | |---------------------|-----------| | 750-8100/xxx-xxx | available | | 750-8101/xxx-xxx | available | | 750-8102/xxx-xxx | available | #### PFC 200 family | Product | Status | |---------------------|-----------| | 750-8202/xxx-xxx | available | | 750-8203/xxx-xxx | available | | 750-8204/xxx-xxx | available | | 750-8206/xxx-xxx | available | | 750-8207/xxx-xxx | available | | 750-8210/xxx-xxx | available | | 750-8211/xxx-xxx | available | | 750-8212/xxx-xxx | available | | 750-8213/xxx-xxx | available | | 750-8214/xxx-xxx | available | | 750-8215/xxx-xxx | available | | 750-8216/xxx-xxx | available | | 750-8217/xxx-xxx | available | #### TP 600 family | Product | Status | |------------------------|-----------| | 762-4x0x/8000-000x | available | | 762-5x0x/8000-000x | available | | 762-6x0x/8000-000x | available | #### EC 300 family | Product | Status | |------------------------|-----------| | 752-8303/8000-0002 | available | ### Fixed Firmware 22 Patch 2 #### Compact Controller 100 family | Product | Status | |---------------------|-----------| | 751-9301/xxx-xxx | planned | | 751-9401/xxx-xxx | planned | #### PFC 100 family | Product | Status | |---------------------|-----------| | 750-8100/xxx-xxx | planned | | 750-8101/xxx-xxx | planned | | 750-8102/xxx-xxx | planned | #### PFC 200 family | Product | Status | |---------------------|-----------| | 750-8202/xxx-xxx | planned | | 750-8203/xxx-xxx | planned | | 750-8204/xxx-xxx | planned | | 750-8206/xxx-xxx | planned | | 750-8207/xxx-xxx | planned | | 750-8210/xxx-xxx | planned | | 750-8211/xxx-xxx | planned | | 750-8212/xxx-xxx | planned | | 750-8213/xxx-xxx | planned | | 750-8214/xxx-xxx | planned | | 750-8215/xxx-xxx | planned | | 750-8216/xxx-xxx | planned | | 750-8217/xxx-xxx | planned | #### TP 600 family | Product | Status | |------------------------|-----------| | 762-4x0x/8000-000x | planned | | 762-5x0x/8000-000x | planned | | 762-6x0x/8000-000x | planned | #### EC 300 family | Product | Status | |------------------------|-----------| | 752-8303/8000-0002 | planned | A fixed version of e!COCKPIT is planned.

CVE-2023-3662

In CODESYS Development System versions from 3.5.17.0 and prior to 3.5.19.20 a vulnerability allows for execution of binaries from the current working directory in the users context .

7.3 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CWE-427 - Uncontrolled Search Path Element

Mitigation Depending on the vulnerability there are possible mitigations: Vulnerability of CODESYS Advisory 2023-05: - This vulnerability exists in the CODESYS programming service which is needed for commission only. Deactivate the CODESYS programming port in the web-based management if you do not need the service. In addition to the mitigation hints CODESYS GmbH recommends the following general defense measures to reduce the risk of exploits: - Use controllers and devices only in a protected environment to minimize network exposure and ensure they are not accessible from outside. - Use firewalls to protect and separate the control system network from other networks. - Use VPN (Virtual Private Networks) tunnels if remote access is required. - Activate and apply user management and password features. - Use encrypted communication links. - Limit the access to both development and control system by physical means, operating system features, etc. - Protect both development and control system by using up to date virus detection solutions. For further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html

Vendor Fix ### Fixed Firmware 3 | Product | Status | |-------------|-----------| | 750-8000 | available | | 750-8001 | available | ### Fixed Firmware 26 #### Compact Controller 100 family | Product | Status | |---------------------|-----------| | 751-9301/xxx-xxx | available | | 751-9401/xxx-xxx | available | #### PFC 100 family | Product | Status | |---------------------|-----------| | 750-8100/xxx-xxx | available | | 750-8101/xxx-xxx | available | | 750-8102/xxx-xxx | available | #### PFC 200 family | Product | Status | |---------------------|-----------| | 750-8202/xxx-xxx | available | | 750-8203/xxx-xxx | available | | 750-8204/xxx-xxx | available | | 750-8206/xxx-xxx | available | | 750-8207/xxx-xxx | available | | 750-8210/xxx-xxx | available | | 750-8211/xxx-xxx | available | | 750-8212/xxx-xxx | available | | 750-8213/xxx-xxx | available | | 750-8214/xxx-xxx | available | | 750-8215/xxx-xxx | available | | 750-8216/xxx-xxx | available | | 750-8217/xxx-xxx | available | #### TP 600 family | Product | Status | |------------------------|-----------| | 762-4x0x/8000-000x | available | | 762-5x0x/8000-000x | available | | 762-6x0x/8000-000x | available | #### EC 300 family | Product | Status | |------------------------|-----------| | 752-8303/8000-0002 | available | ### Fixed Firmware 22 Patch 2 #### Compact Controller 100 family | Product | Status | |---------------------|-----------| | 751-9301/xxx-xxx | planned | | 751-9401/xxx-xxx | planned | #### PFC 100 family | Product | Status | |---------------------|-----------| | 750-8100/xxx-xxx | planned | | 750-8101/xxx-xxx | planned | | 750-8102/xxx-xxx | planned | #### PFC 200 family | Product | Status | |---------------------|-----------| | 750-8202/xxx-xxx | planned | | 750-8203/xxx-xxx | planned | | 750-8204/xxx-xxx | planned | | 750-8206/xxx-xxx | planned | | 750-8207/xxx-xxx | planned | | 750-8210/xxx-xxx | planned | | 750-8211/xxx-xxx | planned | | 750-8212/xxx-xxx | planned | | 750-8213/xxx-xxx | planned | | 750-8214/xxx-xxx | planned | | 750-8215/xxx-xxx | planned | | 750-8216/xxx-xxx | planned | | 750-8217/xxx-xxx | planned | #### TP 600 family | Product | Status | |------------------------|-----------| | 762-4x0x/8000-000x | planned | | 762-5x0x/8000-000x | planned | | 762-6x0x/8000-000x | planned | #### EC 300 family | Product | Status | |------------------------|-----------| | 752-8303/8000-0002 | planned | A fixed version of e!COCKPIT is planned.

Affected products

Known affected 8 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-31001		—
Unresolved product id: CSAFPID-31002		—
Unresolved product id: CSAFPID-31003		—
Unresolved product id: CSAFPID-31004		—
Unresolved product id: CSAFPID-31005		—
Unresolved product id: CSAFPID-31006		—
Unresolved product id: CSAFPID-31007		—
Unresolved product id: CSAFPID-31008		—

CVE-2023-3670

In CODESYS Development System 3.5.9.0 to 3.5.17.0 and CODESYS Scripting 4.0.0.0 to 4.1.0.0 unsafe directory permissions would allow an attacker with local access to the workstation to place potentially harmful and disguised scripts that could be executed by legitimate users.

7.3 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CWE-668 - Exposure of Resource to Wrong Sphere

Affected products

Known affected 8 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-31001		—
Unresolved product id: CSAFPID-31002		—
Unresolved product id: CSAFPID-31003		—
Unresolved product id: CSAFPID-31004		—
Unresolved product id: CSAFPID-31005		—
Unresolved product id: CSAFPID-31006		—
Unresolved product id: CSAFPID-31007		—
Unresolved product id: CSAFPID-31008		—

CVE-2023-37559

After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37558

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 8 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-31001		—
Unresolved product id: CSAFPID-31002		—
Unresolved product id: CSAFPID-31003		—
Unresolved product id: CSAFPID-31004		—
Unresolved product id: CSAFPID-31005		—
Unresolved product id: CSAFPID-31006		—
Unresolved product id: CSAFPID-31007		—
Unresolved product id: CSAFPID-31008		—

CVE-2023-37558

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 8 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-31001		—
Unresolved product id: CSAFPID-31002		—
Unresolved product id: CSAFPID-31003		—
Unresolved product id: CSAFPID-31004		—
Unresolved product id: CSAFPID-31005		—
Unresolved product id: CSAFPID-31006		—
Unresolved product id: CSAFPID-31007		—
Unresolved product id: CSAFPID-31008		—

CVE-2023-37557

After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted remote communication requests can cause the CmpAppBP component to overwrite a heap-based buffer, which can lead to a denial-of-service condition.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-787 - Out-of-bounds Write

Affected products

Known affected 8 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-31001		—
Unresolved product id: CSAFPID-31002		—
Unresolved product id: CSAFPID-31003		—
Unresolved product id: CSAFPID-31004		—
Unresolved product id: CSAFPID-31005		—
Unresolved product id: CSAFPID-31006		—
Unresolved product id: CSAFPID-31007		—
Unresolved product id: CSAFPID-31008		—

CVE-2023-37556

In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37554 and CVE-2023-37555.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 8 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-31001		—
Unresolved product id: CSAFPID-31002		—
Unresolved product id: CSAFPID-31003		—
Unresolved product id: CSAFPID-31004		—
Unresolved product id: CSAFPID-31005		—
Unresolved product id: CSAFPID-31006		—
Unresolved product id: CSAFPID-31007		—
Unresolved product id: CSAFPID-31008		—

CVE-2023-37555

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 8 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-31001		—
Unresolved product id: CSAFPID-31002		—
Unresolved product id: CSAFPID-31003		—
Unresolved product id: CSAFPID-31004		—
Unresolved product id: CSAFPID-31005		—
Unresolved product id: CSAFPID-31006		—
Unresolved product id: CSAFPID-31007		—
Unresolved product id: CSAFPID-31008		—

CVE-2023-37554

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 8 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-31001		—
Unresolved product id: CSAFPID-31002		—
Unresolved product id: CSAFPID-31003		—
Unresolved product id: CSAFPID-31004		—
Unresolved product id: CSAFPID-31005		—
Unresolved product id: CSAFPID-31006		—
Unresolved product id: CSAFPID-31007		—
Unresolved product id: CSAFPID-31008		—

CVE-2023-37553

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 8 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-31001		—
Unresolved product id: CSAFPID-31002		—
Unresolved product id: CSAFPID-31003		—
Unresolved product id: CSAFPID-31004		—
Unresolved product id: CSAFPID-31005		—
Unresolved product id: CSAFPID-31006		—
Unresolved product id: CSAFPID-31007		—
Unresolved product id: CSAFPID-31008		—

CVE-2023-37552

In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37553, CVE-2023-37554, CVE-2023-37555 and CVE-2023-37556.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 8 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-31001		—
Unresolved product id: CSAFPID-31002		—
Unresolved product id: CSAFPID-31003		—
Unresolved product id: CSAFPID-31004		—
Unresolved product id: CSAFPID-31005		—
Unresolved product id: CSAFPID-31006		—
Unresolved product id: CSAFPID-31007		—
Unresolved product id: CSAFPID-31008		—

CVE-2023-37551

In multiple Codesys products in multiple versions, after successful authentication as a user, specially crafted network communication requests can utilize the CmpApp component to download files with any file extensions to the controller. In contrast to the regular file download via CmpFileTransfer, no filtering of certain file types is performed here. As a result, the integrity of the CODESYS control runtime system may be compromised by the files loaded onto the controller.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CWE-552 - Files or Directories Accessible to External Parties

Affected products

Known affected 8 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-31001		—
Unresolved product id: CSAFPID-31002		—
Unresolved product id: CSAFPID-31003		—
Unresolved product id: CSAFPID-31004		—
Unresolved product id: CSAFPID-31005		—
Unresolved product id: CSAFPID-31006		—
Unresolved product id: CSAFPID-31007		—
Unresolved product id: CSAFPID-31008		—

CVE-2023-37550

In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37548 and CVE-2023-37549.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 8 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-31001		—
Unresolved product id: CSAFPID-31002		—
Unresolved product id: CSAFPID-31003		—
Unresolved product id: CSAFPID-31004		—
Unresolved product id: CSAFPID-31005		—
Unresolved product id: CSAFPID-31006		—
Unresolved product id: CSAFPID-31007		—
Unresolved product id: CSAFPID-31008		—

CVE-2023-37549

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 8 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-31001		—
Unresolved product id: CSAFPID-31002		—
Unresolved product id: CSAFPID-31003		—
Unresolved product id: CSAFPID-31004		—
Unresolved product id: CSAFPID-31005		—
Unresolved product id: CSAFPID-31006		—
Unresolved product id: CSAFPID-31007		—
Unresolved product id: CSAFPID-31008		—

CVE-2023-37548

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 8 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-31001		—
Unresolved product id: CSAFPID-31002		—
Unresolved product id: CSAFPID-31003		—
Unresolved product id: CSAFPID-31004		—
Unresolved product id: CSAFPID-31005		—
Unresolved product id: CSAFPID-31006		—
Unresolved product id: CSAFPID-31007		—
Unresolved product id: CSAFPID-31008		—

CVE-2023-37547

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 8 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-31001		—
Unresolved product id: CSAFPID-31002		—
Unresolved product id: CSAFPID-31003		—
Unresolved product id: CSAFPID-31004		—
Unresolved product id: CSAFPID-31005		—
Unresolved product id: CSAFPID-31006		—
Unresolved product id: CSAFPID-31007		—
Unresolved product id: CSAFPID-31008		—

CVE-2023-37546

In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37547, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 8 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-31001		—
Unresolved product id: CSAFPID-31002		—
Unresolved product id: CSAFPID-31003		—
Unresolved product id: CSAFPID-31004		—
Unresolved product id: CSAFPID-31005		—
Unresolved product id: CSAFPID-31006		—
Unresolved product id: CSAFPID-31007		—
Unresolved product id: CSAFPID-31008		—

CVE-2023-37545

In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37546, CVE-2023-37547, CVE-2023-37548, CVE-2023-37549, CVE-2023-37550

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Known affected 8 products

Product	Identifier	Version	Remediation
Unresolved product id: CSAFPID-31001		—
Unresolved product id: CSAFPID-31002		—
Unresolved product id: CSAFPID-31003		—
Unresolved product id: CSAFPID-31004		—
Unresolved product id: CSAFPID-31005		—
Unresolved product id: CSAFPID-31006		—
Unresolved product id: CSAFPID-31007		—
Unresolved product id: CSAFPID-31008		—

References

4 references

URL	Category
https://certvde.com/en/advisories/VDE-2023-068/	self
https://wago.csaf-tp.certvde.com/.well-known/csaf…	self
https://www.wago.com/psirt	external
https://certvde.com/en/advisories/vendor/wago/	external

Acknowledgments

CERT@VDE certvde.com

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "CERT@VDE",
        "summary": "coordination",
        "urls": [
          "https://certvde.com"
        ]
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-GB",
    "notes": [
      {
        "category": "summary",
        "text": "The following vulnerabilities are published with reference to CODESYS Advisory 2023-05, CODESYS Advisory 2023-06 and CODESYS Advisory 2023-09",
        "title": "Summary"
      },
      {
        "category": "description",
        "text": "Please refer to the official CODESYS Advisories:\n\nAdvisory2023-05_CDS-85189\nAdvisory2023-06_CDS-85457\nAdvisory2023-09_SCRIPT-44\n\nWebsite at https://www.codesys.com/security/security-reports.html",
        "title": "Impact"
      },
      {
        "category": "description",
        "text": "Depending on the vulnerability there are possible mitigations:\n\nVulnerability of CODESYS Advisory 2023-05:\n\n- This vulnerability exists in the CODESYS programming service which is needed for commission only. Deactivate the CODESYS programming port in the web-based management if you do not need the service.\n\nIn addition to the mitigation hints CODESYS GmbH recommends the following general defense measures to reduce the risk of exploits:\n\n- Use controllers and devices only in a protected environment to minimize network exposure and ensure they are not accessible from outside.\n- Use firewalls to protect and separate the control system network from other networks.\n- Use VPN (Virtual Private Networks) tunnels if remote access is required.\n- Activate and apply user management and password features.\n- Use encrypted communication links.\n- Limit the access to both development and control system by physical means, operating system features, etc.\n- Protect both development and control system by using up to date virus detection solutions.\n\nFor further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html",
        "title": "Mitigation"
      },
      {
        "category": "description",
        "text": "### Fixed Firmware 3\n\n| Product     | Status    |\n|-------------|-----------|\n| 750-8000    | available |\n| 750-8001    | available |\n\n\n### Fixed Firmware 26\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | available |\n| 751-9401/xxx-xxx    | available |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | available |\n| 750-8101/xxx-xxx    | available |\n| 750-8102/xxx-xxx    | available |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | available |\n| 750-8203/xxx-xxx    | available |\n| 750-8204/xxx-xxx    | available |\n| 750-8206/xxx-xxx    | available |\n| 750-8207/xxx-xxx    | available |\n| 750-8210/xxx-xxx    | available |\n| 750-8211/xxx-xxx    | available |\n| 750-8212/xxx-xxx    | available |\n| 750-8213/xxx-xxx    | available |\n| 750-8214/xxx-xxx    | available |\n| 750-8215/xxx-xxx    | available |\n| 750-8216/xxx-xxx    | available |\n| 750-8217/xxx-xxx    | available |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | available |\n| 762-5x0x/8000-000x     | available |\n| 762-6x0x/8000-000x     | available |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | available |\n\n\n### Fixed Firmware 22 Patch 2\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | planned   |\n| 751-9401/xxx-xxx    | planned   |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | planned   |\n| 750-8101/xxx-xxx    | planned   |\n| 750-8102/xxx-xxx    | planned   |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | planned   |\n| 750-8203/xxx-xxx    | planned   |\n| 750-8204/xxx-xxx    | planned   |\n| 750-8206/xxx-xxx    | planned   |\n| 750-8207/xxx-xxx    | planned   |\n| 750-8210/xxx-xxx    | planned   |\n| 750-8211/xxx-xxx    | planned   |\n| 750-8212/xxx-xxx    | planned   |\n| 750-8213/xxx-xxx    | planned   |\n| 750-8214/xxx-xxx    | planned   |\n| 750-8215/xxx-xxx    | planned   |\n| 750-8216/xxx-xxx    | planned   |\n| 750-8217/xxx-xxx    | planned   |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | planned   |\n| 762-5x0x/8000-000x     | planned   |\n| 762-6x0x/8000-000x     | planned   |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | planned   |\n\n\nA fixed version of e!COCKPIT is planned.",
        "title": "Remediation"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@wago.com",
      "name": "WAGO GmbH \u0026 Co. KG",
      "namespace": "https://www.wago.com/psirt"
    },
    "references": [
      {
        "category": "self",
        "summary": "VDE-2023-068: WAGO: Multiple Vulnerabilities in e!Cockpit and e!Runtime / CODESYS Runtime - HTML",
        "url": "https://certvde.com/en/advisories/VDE-2023-068/"
      },
      {
        "category": "self",
        "summary": "VDE-2023-068: WAGO: Multiple Vulnerabilities in e!Cockpit and e!Runtime / CODESYS Runtime - CSAF",
        "url": "https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2024/vde-2023-068.json"
      },
      {
        "category": "external",
        "summary": "Vendor PSIRT",
        "url": "https://www.wago.com/psirt"
      },
      {
        "category": "external",
        "summary": "CERT@VDE Security Advisories for WAGO GmbH \u0026 Co. KG",
        "url": "https://certvde.com/en/advisories/vendor/wago/"
      }
    ],
    "title": "WAGO: Multiple Vulnerabilities in e!Cockpit and e!Runtime / CODESYS Runtime",
    "tracking": {
      "aliases": [
        "VDE-2023-068"
      ],
      "current_release_date": "2024-05-21T06:00:00.000Z",
      "generator": {
        "date": "2025-06-03T14:10:27.325Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.26"
        }
      },
      "id": "VDE-2023-068",
      "initial_release_date": "2024-05-21T06:00:00.000Z",
      "revision_history": [
        {
          "date": "2024-05-21T06:00:00.000Z",
          "number": "1",
          "summary": "Initial revision."
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Basic Controller 100",
                "product": {
                  "name": "Basic Controller 100",
                  "product_id": "CSAFPID-11001",
                  "product_identification_helper": {
                    "model_numbers": [
                      "750-8001",
                      "750-8000"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Compact Controller 100",
                "product": {
                  "name": "Compact Controller 100",
                  "product_id": "CSAFPID-11002",
                  "product_identification_helper": {
                    "model_numbers": [
                      "751-9401/xxx-xxx",
                      "751-9301/xxx-xxx"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "EC 300",
                "product": {
                  "name": "EC 300",
                  "product_id": "CSAFPID-11003",
                  "product_identification_helper": {
                    "model_numbers": [
                      "752-8303/8000-0002"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "e!COCKPIT",
                "product": {
                  "name": "e!COCKPIT",
                  "product_id": "CSAFPID-11004"
                }
              },
              {
                "category": "product_name",
                "name": "PFC 100",
                "product": {
                  "name": "PFC 100",
                  "product_id": "CSAFPID-11005",
                  "product_identification_helper": {
                    "model_numbers": [
                      "750-8100/xxx-xxx",
                      "750-8101/xxx-xxx",
                      "750-8102/xxx-xxx"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "PFC 200 G1",
                "product": {
                  "name": "PFC 200 G1",
                  "product_id": "CSAFPID-11006",
                  "product_identification_helper": {
                    "model_numbers": [
                      "750-8203/xxx-xxx",
                      "750-8206/xxx-xxx",
                      "750-8204/xxx-xxx",
                      "750-8207/xxx-xxx",
                      "750-8202/xxx-xxx"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "PFC 200 G2",
                "product": {
                  "name": "PFC 200 G2",
                  "product_id": "CSAFPID-11007",
                  "product_identification_helper": {
                    "model_numbers": [
                      "750-8215/xxx-xxx",
                      "750-8217/xxx-xxx",
                      "750-8210/xxx-xxx",
                      "750-8211/xxx-xxx",
                      "750-8212/xxx-xxx",
                      "750-8213/xxx-xxx",
                      "750-8214/xxx-xxx",
                      "750-8216/xxx-xxx"
                    ]
                  }
                }
              },
              {
                "category": "product_name",
                "name": "TP 600",
                "product": {
                  "name": "TP 600",
                  "product_id": "CSAFPID-11008",
                  "product_identification_helper": {
                    "model_numbers": [
                      "762-4x0x/8000-000x",
                      "762-5x0x/8000-000x",
                      "762-6x0x/8000-000x"
                    ]
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Hardware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=FW2",
                "product": {
                  "name": "Firmware \u003c=FW2",
                  "product_id": "CSAFPID-21001"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=FW25",
                "product": {
                  "name": "Firmware \u003c=FW25",
                  "product_id": "CSAFPID-21002"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=1.11.2.0",
                "product": {
                  "name": "Firmware \u003c=1.11.2.0",
                  "product_id": "CSAFPID-21003"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=FW22 Patch 1",
                "product": {
                  "name": "Firmware \u003c=FW22 Patch 1",
                  "product_id": "CSAFPID-21004"
                }
              }
            ],
            "category": "product_family",
            "name": "Firmware"
          }
        ],
        "category": "vendor",
        "name": "WAGO"
      }
    ],
    "product_groups": [
      {
        "group_id": "CSAFGID-0001",
        "product_ids": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008"
        ],
        "summary": "Affected products."
      }
    ],
    "relationships": [
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=FW2 installed on Basic Controller 100",
          "product_id": "CSAFPID-31001"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=FW25 installed on Compact Controller 100",
          "product_id": "CSAFPID-31002"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11002"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=FW25 installed on EC 300",
          "product_id": "CSAFPID-31003"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11003"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=1.11.2.0 installed on e!COCKPIT",
          "product_id": "CSAFPID-31004"
        },
        "product_reference": "CSAFPID-21003",
        "relates_to_product_reference": "CSAFPID-11004"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=FW22 Patch 1 installed on PFC 100",
          "product_id": "CSAFPID-31005"
        },
        "product_reference": "CSAFPID-21004",
        "relates_to_product_reference": "CSAFPID-11005"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=FW22 Patch 1 installed on PFC 200 G1",
          "product_id": "CSAFPID-31006"
        },
        "product_reference": "CSAFPID-21004",
        "relates_to_product_reference": "CSAFPID-11006"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=FW25 installed on PFC 200 G2",
          "product_id": "CSAFPID-31007"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11007"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=FW25 installed on TP 600",
          "product_id": "CSAFPID-31008"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11008"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-3662",
      "cwe": {
        "id": "CWE-427",
        "name": "Uncontrolled Search Path Element"
      },
      "notes": [
        {
          "category": "description",
          "text": "In CODESYS Development System versions from 3.5.17.0 and prior to 3.5.19.20 a vulnerability allows for execution of binaries from the current working directory in the users context .",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Depending on the vulnerability there are possible mitigations:\n\nVulnerability of CODESYS Advisory 2023-05:\n\n- This vulnerability exists in the CODESYS programming service which is needed for commission only. Deactivate the CODESYS programming port in the web-based management if you do not need the service.\n\nIn addition to the mitigation hints CODESYS GmbH recommends the following general defense measures to reduce the risk of exploits:\n\n- Use controllers and devices only in a protected environment to minimize network exposure and ensure they are not accessible from outside.\n- Use firewalls to protect and separate the control system network from other networks.\n- Use VPN (Virtual Private Networks) tunnels if remote access is required.\n- Activate and apply user management and password features.\n- Use encrypted communication links.\n- Limit the access to both development and control system by physical means, operating system features, etc.\n- Protect both development and control system by using up to date virus detection solutions.\n\nFor further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "### Fixed Firmware 3\n\n| Product     | Status    |\n|-------------|-----------|\n| 750-8000    | available |\n| 750-8001    | available |\n\n\n### Fixed Firmware 26\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | available |\n| 751-9401/xxx-xxx    | available |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | available |\n| 750-8101/xxx-xxx    | available |\n| 750-8102/xxx-xxx    | available |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | available |\n| 750-8203/xxx-xxx    | available |\n| 750-8204/xxx-xxx    | available |\n| 750-8206/xxx-xxx    | available |\n| 750-8207/xxx-xxx    | available |\n| 750-8210/xxx-xxx    | available |\n| 750-8211/xxx-xxx    | available |\n| 750-8212/xxx-xxx    | available |\n| 750-8213/xxx-xxx    | available |\n| 750-8214/xxx-xxx    | available |\n| 750-8215/xxx-xxx    | available |\n| 750-8216/xxx-xxx    | available |\n| 750-8217/xxx-xxx    | available |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | available |\n| 762-5x0x/8000-000x     | available |\n| 762-6x0x/8000-000x     | available |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | available |\n\n\n### Fixed Firmware 22 Patch 2\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | planned   |\n| 751-9401/xxx-xxx    | planned   |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | planned   |\n| 750-8101/xxx-xxx    | planned   |\n| 750-8102/xxx-xxx    | planned   |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | planned   |\n| 750-8203/xxx-xxx    | planned   |\n| 750-8204/xxx-xxx    | planned   |\n| 750-8206/xxx-xxx    | planned   |\n| 750-8207/xxx-xxx    | planned   |\n| 750-8210/xxx-xxx    | planned   |\n| 750-8211/xxx-xxx    | planned   |\n| 750-8212/xxx-xxx    | planned   |\n| 750-8213/xxx-xxx    | planned   |\n| 750-8214/xxx-xxx    | planned   |\n| 750-8215/xxx-xxx    | planned   |\n| 750-8216/xxx-xxx    | planned   |\n| 750-8217/xxx-xxx    | planned   |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | planned   |\n| 762-5x0x/8000-000x     | planned   |\n| 762-6x0x/8000-000x     | planned   |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | planned   |\n\n\nA fixed version of e!COCKPIT is planned.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 7.3,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 7.3,
            "temporalSeverity": "HIGH",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008"
          ]
        }
      ],
      "title": "CVE-2023-3662"
    },
    {
      "cve": "CVE-2023-3670",
      "cwe": {
        "id": "CWE-668",
        "name": "Exposure of Resource to Wrong Sphere"
      },
      "notes": [
        {
          "category": "description",
          "text": "In CODESYS Development System 3.5.9.0 to\u00a03.5.17.0 and\u00a0CODESYS Scripting\u00a04.0.0.0 to\u00a04.1.0.0 unsafe directory permissions would allow an attacker with local access to the workstation to place potentially harmful and disguised scripts that could be executed by legitimate users.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Depending on the vulnerability there are possible mitigations:\n\nVulnerability of CODESYS Advisory 2023-05:\n\n- This vulnerability exists in the CODESYS programming service which is needed for commission only. Deactivate the CODESYS programming port in the web-based management if you do not need the service.\n\nIn addition to the mitigation hints CODESYS GmbH recommends the following general defense measures to reduce the risk of exploits:\n\n- Use controllers and devices only in a protected environment to minimize network exposure and ensure they are not accessible from outside.\n- Use firewalls to protect and separate the control system network from other networks.\n- Use VPN (Virtual Private Networks) tunnels if remote access is required.\n- Activate and apply user management and password features.\n- Use encrypted communication links.\n- Limit the access to both development and control system by physical means, operating system features, etc.\n- Protect both development and control system by using up to date virus detection solutions.\n\nFor further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "### Fixed Firmware 3\n\n| Product     | Status    |\n|-------------|-----------|\n| 750-8000    | available |\n| 750-8001    | available |\n\n\n### Fixed Firmware 26\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | available |\n| 751-9401/xxx-xxx    | available |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | available |\n| 750-8101/xxx-xxx    | available |\n| 750-8102/xxx-xxx    | available |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | available |\n| 750-8203/xxx-xxx    | available |\n| 750-8204/xxx-xxx    | available |\n| 750-8206/xxx-xxx    | available |\n| 750-8207/xxx-xxx    | available |\n| 750-8210/xxx-xxx    | available |\n| 750-8211/xxx-xxx    | available |\n| 750-8212/xxx-xxx    | available |\n| 750-8213/xxx-xxx    | available |\n| 750-8214/xxx-xxx    | available |\n| 750-8215/xxx-xxx    | available |\n| 750-8216/xxx-xxx    | available |\n| 750-8217/xxx-xxx    | available |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | available |\n| 762-5x0x/8000-000x     | available |\n| 762-6x0x/8000-000x     | available |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | available |\n\n\n### Fixed Firmware 22 Patch 2\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | planned   |\n| 751-9401/xxx-xxx    | planned   |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | planned   |\n| 750-8101/xxx-xxx    | planned   |\n| 750-8102/xxx-xxx    | planned   |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | planned   |\n| 750-8203/xxx-xxx    | planned   |\n| 750-8204/xxx-xxx    | planned   |\n| 750-8206/xxx-xxx    | planned   |\n| 750-8207/xxx-xxx    | planned   |\n| 750-8210/xxx-xxx    | planned   |\n| 750-8211/xxx-xxx    | planned   |\n| 750-8212/xxx-xxx    | planned   |\n| 750-8213/xxx-xxx    | planned   |\n| 750-8214/xxx-xxx    | planned   |\n| 750-8215/xxx-xxx    | planned   |\n| 750-8216/xxx-xxx    | planned   |\n| 750-8217/xxx-xxx    | planned   |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | planned   |\n| 762-5x0x/8000-000x     | planned   |\n| 762-6x0x/8000-000x     | planned   |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | planned   |\n\n\nA fixed version of e!COCKPIT is planned.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 7.3,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 7.3,
            "temporalSeverity": "HIGH",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008"
          ]
        }
      ],
      "title": "CVE-2023-3670"
    },
    {
      "cve": "CVE-2023-37559",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "description",
          "text": "After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37558",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Depending on the vulnerability there are possible mitigations:\n\nVulnerability of CODESYS Advisory 2023-05:\n\n- This vulnerability exists in the CODESYS programming service which is needed for commission only. Deactivate the CODESYS programming port in the web-based management if you do not need the service.\n\nIn addition to the mitigation hints CODESYS GmbH recommends the following general defense measures to reduce the risk of exploits:\n\n- Use controllers and devices only in a protected environment to minimize network exposure and ensure they are not accessible from outside.\n- Use firewalls to protect and separate the control system network from other networks.\n- Use VPN (Virtual Private Networks) tunnels if remote access is required.\n- Activate and apply user management and password features.\n- Use encrypted communication links.\n- Limit the access to both development and control system by physical means, operating system features, etc.\n- Protect both development and control system by using up to date virus detection solutions.\n\nFor further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "### Fixed Firmware 3\n\n| Product     | Status    |\n|-------------|-----------|\n| 750-8000    | available |\n| 750-8001    | available |\n\n\n### Fixed Firmware 26\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | available |\n| 751-9401/xxx-xxx    | available |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | available |\n| 750-8101/xxx-xxx    | available |\n| 750-8102/xxx-xxx    | available |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | available |\n| 750-8203/xxx-xxx    | available |\n| 750-8204/xxx-xxx    | available |\n| 750-8206/xxx-xxx    | available |\n| 750-8207/xxx-xxx    | available |\n| 750-8210/xxx-xxx    | available |\n| 750-8211/xxx-xxx    | available |\n| 750-8212/xxx-xxx    | available |\n| 750-8213/xxx-xxx    | available |\n| 750-8214/xxx-xxx    | available |\n| 750-8215/xxx-xxx    | available |\n| 750-8216/xxx-xxx    | available |\n| 750-8217/xxx-xxx    | available |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | available |\n| 762-5x0x/8000-000x     | available |\n| 762-6x0x/8000-000x     | available |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | available |\n\n\n### Fixed Firmware 22 Patch 2\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | planned   |\n| 751-9401/xxx-xxx    | planned   |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | planned   |\n| 750-8101/xxx-xxx    | planned   |\n| 750-8102/xxx-xxx    | planned   |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | planned   |\n| 750-8203/xxx-xxx    | planned   |\n| 750-8204/xxx-xxx    | planned   |\n| 750-8206/xxx-xxx    | planned   |\n| 750-8207/xxx-xxx    | planned   |\n| 750-8210/xxx-xxx    | planned   |\n| 750-8211/xxx-xxx    | planned   |\n| 750-8212/xxx-xxx    | planned   |\n| 750-8213/xxx-xxx    | planned   |\n| 750-8214/xxx-xxx    | planned   |\n| 750-8215/xxx-xxx    | planned   |\n| 750-8216/xxx-xxx    | planned   |\n| 750-8217/xxx-xxx    | planned   |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | planned   |\n| 762-5x0x/8000-000x     | planned   |\n| 762-6x0x/8000-000x     | planned   |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | planned   |\n\n\nA fixed version of e!COCKPIT is planned.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalScore": 6.5,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 6.5,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008"
          ]
        }
      ],
      "title": "CVE-2023-37559"
    },
    {
      "cve": "CVE-2023-37558",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "description",
          "text": "After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37559",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Depending on the vulnerability there are possible mitigations:\n\nVulnerability of CODESYS Advisory 2023-05:\n\n- This vulnerability exists in the CODESYS programming service which is needed for commission only. Deactivate the CODESYS programming port in the web-based management if you do not need the service.\n\nIn addition to the mitigation hints CODESYS GmbH recommends the following general defense measures to reduce the risk of exploits:\n\n- Use controllers and devices only in a protected environment to minimize network exposure and ensure they are not accessible from outside.\n- Use firewalls to protect and separate the control system network from other networks.\n- Use VPN (Virtual Private Networks) tunnels if remote access is required.\n- Activate and apply user management and password features.\n- Use encrypted communication links.\n- Limit the access to both development and control system by physical means, operating system features, etc.\n- Protect both development and control system by using up to date virus detection solutions.\n\nFor further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "### Fixed Firmware 3\n\n| Product     | Status    |\n|-------------|-----------|\n| 750-8000    | available |\n| 750-8001    | available |\n\n\n### Fixed Firmware 26\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | available |\n| 751-9401/xxx-xxx    | available |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | available |\n| 750-8101/xxx-xxx    | available |\n| 750-8102/xxx-xxx    | available |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | available |\n| 750-8203/xxx-xxx    | available |\n| 750-8204/xxx-xxx    | available |\n| 750-8206/xxx-xxx    | available |\n| 750-8207/xxx-xxx    | available |\n| 750-8210/xxx-xxx    | available |\n| 750-8211/xxx-xxx    | available |\n| 750-8212/xxx-xxx    | available |\n| 750-8213/xxx-xxx    | available |\n| 750-8214/xxx-xxx    | available |\n| 750-8215/xxx-xxx    | available |\n| 750-8216/xxx-xxx    | available |\n| 750-8217/xxx-xxx    | available |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | available |\n| 762-5x0x/8000-000x     | available |\n| 762-6x0x/8000-000x     | available |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | available |\n\n\n### Fixed Firmware 22 Patch 2\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | planned   |\n| 751-9401/xxx-xxx    | planned   |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | planned   |\n| 750-8101/xxx-xxx    | planned   |\n| 750-8102/xxx-xxx    | planned   |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | planned   |\n| 750-8203/xxx-xxx    | planned   |\n| 750-8204/xxx-xxx    | planned   |\n| 750-8206/xxx-xxx    | planned   |\n| 750-8207/xxx-xxx    | planned   |\n| 750-8210/xxx-xxx    | planned   |\n| 750-8211/xxx-xxx    | planned   |\n| 750-8212/xxx-xxx    | planned   |\n| 750-8213/xxx-xxx    | planned   |\n| 750-8214/xxx-xxx    | planned   |\n| 750-8215/xxx-xxx    | planned   |\n| 750-8216/xxx-xxx    | planned   |\n| 750-8217/xxx-xxx    | planned   |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | planned   |\n| 762-5x0x/8000-000x     | planned   |\n| 762-6x0x/8000-000x     | planned   |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | planned   |\n\n\nA fixed version of e!COCKPIT is planned.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalScore": 6.5,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 6.5,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008"
          ]
        }
      ],
      "title": "CVE-2023-37558"
    },
    {
      "cve": "CVE-2023-37557",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "description",
          "text": "After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted remote communication requests can cause the CmpAppBP component to overwrite a heap-based buffer, which can lead to a denial-of-service condition.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Depending on the vulnerability there are possible mitigations:\n\nVulnerability of CODESYS Advisory 2023-05:\n\n- This vulnerability exists in the CODESYS programming service which is needed for commission only. Deactivate the CODESYS programming port in the web-based management if you do not need the service.\n\nIn addition to the mitigation hints CODESYS GmbH recommends the following general defense measures to reduce the risk of exploits:\n\n- Use controllers and devices only in a protected environment to minimize network exposure and ensure they are not accessible from outside.\n- Use firewalls to protect and separate the control system network from other networks.\n- Use VPN (Virtual Private Networks) tunnels if remote access is required.\n- Activate and apply user management and password features.\n- Use encrypted communication links.\n- Limit the access to both development and control system by physical means, operating system features, etc.\n- Protect both development and control system by using up to date virus detection solutions.\n\nFor further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "### Fixed Firmware 3\n\n| Product     | Status    |\n|-------------|-----------|\n| 750-8000    | available |\n| 750-8001    | available |\n\n\n### Fixed Firmware 26\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | available |\n| 751-9401/xxx-xxx    | available |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | available |\n| 750-8101/xxx-xxx    | available |\n| 750-8102/xxx-xxx    | available |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | available |\n| 750-8203/xxx-xxx    | available |\n| 750-8204/xxx-xxx    | available |\n| 750-8206/xxx-xxx    | available |\n| 750-8207/xxx-xxx    | available |\n| 750-8210/xxx-xxx    | available |\n| 750-8211/xxx-xxx    | available |\n| 750-8212/xxx-xxx    | available |\n| 750-8213/xxx-xxx    | available |\n| 750-8214/xxx-xxx    | available |\n| 750-8215/xxx-xxx    | available |\n| 750-8216/xxx-xxx    | available |\n| 750-8217/xxx-xxx    | available |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | available |\n| 762-5x0x/8000-000x     | available |\n| 762-6x0x/8000-000x     | available |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | available |\n\n\n### Fixed Firmware 22 Patch 2\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | planned   |\n| 751-9401/xxx-xxx    | planned   |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | planned   |\n| 750-8101/xxx-xxx    | planned   |\n| 750-8102/xxx-xxx    | planned   |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | planned   |\n| 750-8203/xxx-xxx    | planned   |\n| 750-8204/xxx-xxx    | planned   |\n| 750-8206/xxx-xxx    | planned   |\n| 750-8207/xxx-xxx    | planned   |\n| 750-8210/xxx-xxx    | planned   |\n| 750-8211/xxx-xxx    | planned   |\n| 750-8212/xxx-xxx    | planned   |\n| 750-8213/xxx-xxx    | planned   |\n| 750-8214/xxx-xxx    | planned   |\n| 750-8215/xxx-xxx    | planned   |\n| 750-8216/xxx-xxx    | planned   |\n| 750-8217/xxx-xxx    | planned   |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | planned   |\n| 762-5x0x/8000-000x     | planned   |\n| 762-6x0x/8000-000x     | planned   |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | planned   |\n\n\nA fixed version of e!COCKPIT is planned.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalScore": 6.5,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 6.5,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008"
          ]
        }
      ],
      "title": "CVE-2023-37557"
    },
    {
      "cve": "CVE-2023-37556",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "description",
          "text": "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to\u00a0CVE-2023-37552,\u00a0CVE-2023-37553,\u00a0CVE-2023-37554 and CVE-2023-37555.\n\n",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Depending on the vulnerability there are possible mitigations:\n\nVulnerability of CODESYS Advisory 2023-05:\n\n- This vulnerability exists in the CODESYS programming service which is needed for commission only. Deactivate the CODESYS programming port in the web-based management if you do not need the service.\n\nIn addition to the mitigation hints CODESYS GmbH recommends the following general defense measures to reduce the risk of exploits:\n\n- Use controllers and devices only in a protected environment to minimize network exposure and ensure they are not accessible from outside.\n- Use firewalls to protect and separate the control system network from other networks.\n- Use VPN (Virtual Private Networks) tunnels if remote access is required.\n- Activate and apply user management and password features.\n- Use encrypted communication links.\n- Limit the access to both development and control system by physical means, operating system features, etc.\n- Protect both development and control system by using up to date virus detection solutions.\n\nFor further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "### Fixed Firmware 3\n\n| Product     | Status    |\n|-------------|-----------|\n| 750-8000    | available |\n| 750-8001    | available |\n\n\n### Fixed Firmware 26\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | available |\n| 751-9401/xxx-xxx    | available |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | available |\n| 750-8101/xxx-xxx    | available |\n| 750-8102/xxx-xxx    | available |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | available |\n| 750-8203/xxx-xxx    | available |\n| 750-8204/xxx-xxx    | available |\n| 750-8206/xxx-xxx    | available |\n| 750-8207/xxx-xxx    | available |\n| 750-8210/xxx-xxx    | available |\n| 750-8211/xxx-xxx    | available |\n| 750-8212/xxx-xxx    | available |\n| 750-8213/xxx-xxx    | available |\n| 750-8214/xxx-xxx    | available |\n| 750-8215/xxx-xxx    | available |\n| 750-8216/xxx-xxx    | available |\n| 750-8217/xxx-xxx    | available |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | available |\n| 762-5x0x/8000-000x     | available |\n| 762-6x0x/8000-000x     | available |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | available |\n\n\n### Fixed Firmware 22 Patch 2\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | planned   |\n| 751-9401/xxx-xxx    | planned   |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | planned   |\n| 750-8101/xxx-xxx    | planned   |\n| 750-8102/xxx-xxx    | planned   |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | planned   |\n| 750-8203/xxx-xxx    | planned   |\n| 750-8204/xxx-xxx    | planned   |\n| 750-8206/xxx-xxx    | planned   |\n| 750-8207/xxx-xxx    | planned   |\n| 750-8210/xxx-xxx    | planned   |\n| 750-8211/xxx-xxx    | planned   |\n| 750-8212/xxx-xxx    | planned   |\n| 750-8213/xxx-xxx    | planned   |\n| 750-8214/xxx-xxx    | planned   |\n| 750-8215/xxx-xxx    | planned   |\n| 750-8216/xxx-xxx    | planned   |\n| 750-8217/xxx-xxx    | planned   |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | planned   |\n| 762-5x0x/8000-000x     | planned   |\n| 762-6x0x/8000-000x     | planned   |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | planned   |\n\n\nA fixed version of e!COCKPIT is planned.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalScore": 6.5,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 6.5,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008"
          ]
        }
      ],
      "title": "CVE-2023-37556"
    },
    {
      "cve": "CVE-2023-37555",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "description",
          "text": "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to\u00a0CVE-2023-37552,\u00a0CVE-2023-37553,\u00a0CVE-2023-37554 and\u00a0CVE-2023-37556.\n\n",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Depending on the vulnerability there are possible mitigations:\n\nVulnerability of CODESYS Advisory 2023-05:\n\n- This vulnerability exists in the CODESYS programming service which is needed for commission only. Deactivate the CODESYS programming port in the web-based management if you do not need the service.\n\nIn addition to the mitigation hints CODESYS GmbH recommends the following general defense measures to reduce the risk of exploits:\n\n- Use controllers and devices only in a protected environment to minimize network exposure and ensure they are not accessible from outside.\n- Use firewalls to protect and separate the control system network from other networks.\n- Use VPN (Virtual Private Networks) tunnels if remote access is required.\n- Activate and apply user management and password features.\n- Use encrypted communication links.\n- Limit the access to both development and control system by physical means, operating system features, etc.\n- Protect both development and control system by using up to date virus detection solutions.\n\nFor further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "### Fixed Firmware 3\n\n| Product     | Status    |\n|-------------|-----------|\n| 750-8000    | available |\n| 750-8001    | available |\n\n\n### Fixed Firmware 26\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | available |\n| 751-9401/xxx-xxx    | available |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | available |\n| 750-8101/xxx-xxx    | available |\n| 750-8102/xxx-xxx    | available |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | available |\n| 750-8203/xxx-xxx    | available |\n| 750-8204/xxx-xxx    | available |\n| 750-8206/xxx-xxx    | available |\n| 750-8207/xxx-xxx    | available |\n| 750-8210/xxx-xxx    | available |\n| 750-8211/xxx-xxx    | available |\n| 750-8212/xxx-xxx    | available |\n| 750-8213/xxx-xxx    | available |\n| 750-8214/xxx-xxx    | available |\n| 750-8215/xxx-xxx    | available |\n| 750-8216/xxx-xxx    | available |\n| 750-8217/xxx-xxx    | available |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | available |\n| 762-5x0x/8000-000x     | available |\n| 762-6x0x/8000-000x     | available |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | available |\n\n\n### Fixed Firmware 22 Patch 2\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | planned   |\n| 751-9401/xxx-xxx    | planned   |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | planned   |\n| 750-8101/xxx-xxx    | planned   |\n| 750-8102/xxx-xxx    | planned   |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | planned   |\n| 750-8203/xxx-xxx    | planned   |\n| 750-8204/xxx-xxx    | planned   |\n| 750-8206/xxx-xxx    | planned   |\n| 750-8207/xxx-xxx    | planned   |\n| 750-8210/xxx-xxx    | planned   |\n| 750-8211/xxx-xxx    | planned   |\n| 750-8212/xxx-xxx    | planned   |\n| 750-8213/xxx-xxx    | planned   |\n| 750-8214/xxx-xxx    | planned   |\n| 750-8215/xxx-xxx    | planned   |\n| 750-8216/xxx-xxx    | planned   |\n| 750-8217/xxx-xxx    | planned   |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | planned   |\n| 762-5x0x/8000-000x     | planned   |\n| 762-6x0x/8000-000x     | planned   |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | planned   |\n\n\nA fixed version of e!COCKPIT is planned.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalScore": 6.5,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 6.5,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008"
          ]
        }
      ],
      "title": "CVE-2023-37555"
    },
    {
      "cve": "CVE-2023-37554",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "description",
          "text": "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to\u00a0CVE-2023-37552,\u00a0CVE-2023-37553, CVE-2023-37555 and\u00a0CVE-2023-37556.\n\n",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Depending on the vulnerability there are possible mitigations:\n\nVulnerability of CODESYS Advisory 2023-05:\n\n- This vulnerability exists in the CODESYS programming service which is needed for commission only. Deactivate the CODESYS programming port in the web-based management if you do not need the service.\n\nIn addition to the mitigation hints CODESYS GmbH recommends the following general defense measures to reduce the risk of exploits:\n\n- Use controllers and devices only in a protected environment to minimize network exposure and ensure they are not accessible from outside.\n- Use firewalls to protect and separate the control system network from other networks.\n- Use VPN (Virtual Private Networks) tunnels if remote access is required.\n- Activate and apply user management and password features.\n- Use encrypted communication links.\n- Limit the access to both development and control system by physical means, operating system features, etc.\n- Protect both development and control system by using up to date virus detection solutions.\n\nFor further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "### Fixed Firmware 3\n\n| Product     | Status    |\n|-------------|-----------|\n| 750-8000    | available |\n| 750-8001    | available |\n\n\n### Fixed Firmware 26\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | available |\n| 751-9401/xxx-xxx    | available |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | available |\n| 750-8101/xxx-xxx    | available |\n| 750-8102/xxx-xxx    | available |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | available |\n| 750-8203/xxx-xxx    | available |\n| 750-8204/xxx-xxx    | available |\n| 750-8206/xxx-xxx    | available |\n| 750-8207/xxx-xxx    | available |\n| 750-8210/xxx-xxx    | available |\n| 750-8211/xxx-xxx    | available |\n| 750-8212/xxx-xxx    | available |\n| 750-8213/xxx-xxx    | available |\n| 750-8214/xxx-xxx    | available |\n| 750-8215/xxx-xxx    | available |\n| 750-8216/xxx-xxx    | available |\n| 750-8217/xxx-xxx    | available |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | available |\n| 762-5x0x/8000-000x     | available |\n| 762-6x0x/8000-000x     | available |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | available |\n\n\n### Fixed Firmware 22 Patch 2\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | planned   |\n| 751-9401/xxx-xxx    | planned   |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | planned   |\n| 750-8101/xxx-xxx    | planned   |\n| 750-8102/xxx-xxx    | planned   |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | planned   |\n| 750-8203/xxx-xxx    | planned   |\n| 750-8204/xxx-xxx    | planned   |\n| 750-8206/xxx-xxx    | planned   |\n| 750-8207/xxx-xxx    | planned   |\n| 750-8210/xxx-xxx    | planned   |\n| 750-8211/xxx-xxx    | planned   |\n| 750-8212/xxx-xxx    | planned   |\n| 750-8213/xxx-xxx    | planned   |\n| 750-8214/xxx-xxx    | planned   |\n| 750-8215/xxx-xxx    | planned   |\n| 750-8216/xxx-xxx    | planned   |\n| 750-8217/xxx-xxx    | planned   |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | planned   |\n| 762-5x0x/8000-000x     | planned   |\n| 762-6x0x/8000-000x     | planned   |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | planned   |\n\n\nA fixed version of e!COCKPIT is planned.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalScore": 6.5,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 6.5,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008"
          ]
        }
      ],
      "title": "CVE-2023-37554"
    },
    {
      "cve": "CVE-2023-37553",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "description",
          "text": "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to\u00a0CVE-2023-37552,\u00a0CVE-2023-37554,\u00a0CVE-2023-37555 and\u00a0CVE-2023-37556.\n\n",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Depending on the vulnerability there are possible mitigations:\n\nVulnerability of CODESYS Advisory 2023-05:\n\n- This vulnerability exists in the CODESYS programming service which is needed for commission only. Deactivate the CODESYS programming port in the web-based management if you do not need the service.\n\nIn addition to the mitigation hints CODESYS GmbH recommends the following general defense measures to reduce the risk of exploits:\n\n- Use controllers and devices only in a protected environment to minimize network exposure and ensure they are not accessible from outside.\n- Use firewalls to protect and separate the control system network from other networks.\n- Use VPN (Virtual Private Networks) tunnels if remote access is required.\n- Activate and apply user management and password features.\n- Use encrypted communication links.\n- Limit the access to both development and control system by physical means, operating system features, etc.\n- Protect both development and control system by using up to date virus detection solutions.\n\nFor further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "### Fixed Firmware 3\n\n| Product     | Status    |\n|-------------|-----------|\n| 750-8000    | available |\n| 750-8001    | available |\n\n\n### Fixed Firmware 26\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | available |\n| 751-9401/xxx-xxx    | available |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | available |\n| 750-8101/xxx-xxx    | available |\n| 750-8102/xxx-xxx    | available |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | available |\n| 750-8203/xxx-xxx    | available |\n| 750-8204/xxx-xxx    | available |\n| 750-8206/xxx-xxx    | available |\n| 750-8207/xxx-xxx    | available |\n| 750-8210/xxx-xxx    | available |\n| 750-8211/xxx-xxx    | available |\n| 750-8212/xxx-xxx    | available |\n| 750-8213/xxx-xxx    | available |\n| 750-8214/xxx-xxx    | available |\n| 750-8215/xxx-xxx    | available |\n| 750-8216/xxx-xxx    | available |\n| 750-8217/xxx-xxx    | available |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | available |\n| 762-5x0x/8000-000x     | available |\n| 762-6x0x/8000-000x     | available |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | available |\n\n\n### Fixed Firmware 22 Patch 2\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | planned   |\n| 751-9401/xxx-xxx    | planned   |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | planned   |\n| 750-8101/xxx-xxx    | planned   |\n| 750-8102/xxx-xxx    | planned   |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | planned   |\n| 750-8203/xxx-xxx    | planned   |\n| 750-8204/xxx-xxx    | planned   |\n| 750-8206/xxx-xxx    | planned   |\n| 750-8207/xxx-xxx    | planned   |\n| 750-8210/xxx-xxx    | planned   |\n| 750-8211/xxx-xxx    | planned   |\n| 750-8212/xxx-xxx    | planned   |\n| 750-8213/xxx-xxx    | planned   |\n| 750-8214/xxx-xxx    | planned   |\n| 750-8215/xxx-xxx    | planned   |\n| 750-8216/xxx-xxx    | planned   |\n| 750-8217/xxx-xxx    | planned   |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | planned   |\n| 762-5x0x/8000-000x     | planned   |\n| 762-6x0x/8000-000x     | planned   |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | planned   |\n\n\nA fixed version of e!COCKPIT is planned.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalScore": 6.5,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 6.5,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008"
          ]
        }
      ],
      "title": "CVE-2023-37553"
    },
    {
      "cve": "CVE-2023-37552",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "description",
          "text": "In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37553,\u00a0CVE-2023-37554,\u00a0CVE-2023-37555 and\u00a0CVE-2023-37556.\n\n",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Depending on the vulnerability there are possible mitigations:\n\nVulnerability of CODESYS Advisory 2023-05:\n\n- This vulnerability exists in the CODESYS programming service which is needed for commission only. Deactivate the CODESYS programming port in the web-based management if you do not need the service.\n\nIn addition to the mitigation hints CODESYS GmbH recommends the following general defense measures to reduce the risk of exploits:\n\n- Use controllers and devices only in a protected environment to minimize network exposure and ensure they are not accessible from outside.\n- Use firewalls to protect and separate the control system network from other networks.\n- Use VPN (Virtual Private Networks) tunnels if remote access is required.\n- Activate and apply user management and password features.\n- Use encrypted communication links.\n- Limit the access to both development and control system by physical means, operating system features, etc.\n- Protect both development and control system by using up to date virus detection solutions.\n\nFor further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "### Fixed Firmware 3\n\n| Product     | Status    |\n|-------------|-----------|\n| 750-8000    | available |\n| 750-8001    | available |\n\n\n### Fixed Firmware 26\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | available |\n| 751-9401/xxx-xxx    | available |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | available |\n| 750-8101/xxx-xxx    | available |\n| 750-8102/xxx-xxx    | available |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | available |\n| 750-8203/xxx-xxx    | available |\n| 750-8204/xxx-xxx    | available |\n| 750-8206/xxx-xxx    | available |\n| 750-8207/xxx-xxx    | available |\n| 750-8210/xxx-xxx    | available |\n| 750-8211/xxx-xxx    | available |\n| 750-8212/xxx-xxx    | available |\n| 750-8213/xxx-xxx    | available |\n| 750-8214/xxx-xxx    | available |\n| 750-8215/xxx-xxx    | available |\n| 750-8216/xxx-xxx    | available |\n| 750-8217/xxx-xxx    | available |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | available |\n| 762-5x0x/8000-000x     | available |\n| 762-6x0x/8000-000x     | available |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | available |\n\n\n### Fixed Firmware 22 Patch 2\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | planned   |\n| 751-9401/xxx-xxx    | planned   |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | planned   |\n| 750-8101/xxx-xxx    | planned   |\n| 750-8102/xxx-xxx    | planned   |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | planned   |\n| 750-8203/xxx-xxx    | planned   |\n| 750-8204/xxx-xxx    | planned   |\n| 750-8206/xxx-xxx    | planned   |\n| 750-8207/xxx-xxx    | planned   |\n| 750-8210/xxx-xxx    | planned   |\n| 750-8211/xxx-xxx    | planned   |\n| 750-8212/xxx-xxx    | planned   |\n| 750-8213/xxx-xxx    | planned   |\n| 750-8214/xxx-xxx    | planned   |\n| 750-8215/xxx-xxx    | planned   |\n| 750-8216/xxx-xxx    | planned   |\n| 750-8217/xxx-xxx    | planned   |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | planned   |\n| 762-5x0x/8000-000x     | planned   |\n| 762-6x0x/8000-000x     | planned   |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | planned   |\n\n\nA fixed version of e!COCKPIT is planned.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalScore": 6.5,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 6.5,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008"
          ]
        }
      ],
      "title": "CVE-2023-37552"
    },
    {
      "cve": "CVE-2023-37551",
      "cwe": {
        "id": "CWE-552",
        "name": "Files or Directories Accessible to External Parties"
      },
      "notes": [
        {
          "category": "description",
          "text": "In multiple Codesys products in multiple versions, after successful authentication as a user, specially crafted network communication requests can utilize the CmpApp component to download files with any file extensions to the controller. In contrast to the regular file download via CmpFileTransfer, no filtering of certain file types is performed here. As a result, the integrity of the CODESYS control runtime system may be compromised by the files loaded onto the controller.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Depending on the vulnerability there are possible mitigations:\n\nVulnerability of CODESYS Advisory 2023-05:\n\n- This vulnerability exists in the CODESYS programming service which is needed for commission only. Deactivate the CODESYS programming port in the web-based management if you do not need the service.\n\nIn addition to the mitigation hints CODESYS GmbH recommends the following general defense measures to reduce the risk of exploits:\n\n- Use controllers and devices only in a protected environment to minimize network exposure and ensure they are not accessible from outside.\n- Use firewalls to protect and separate the control system network from other networks.\n- Use VPN (Virtual Private Networks) tunnels if remote access is required.\n- Activate and apply user management and password features.\n- Use encrypted communication links.\n- Limit the access to both development and control system by physical means, operating system features, etc.\n- Protect both development and control system by using up to date virus detection solutions.\n\nFor further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "### Fixed Firmware 3\n\n| Product     | Status    |\n|-------------|-----------|\n| 750-8000    | available |\n| 750-8001    | available |\n\n\n### Fixed Firmware 26\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | available |\n| 751-9401/xxx-xxx    | available |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | available |\n| 750-8101/xxx-xxx    | available |\n| 750-8102/xxx-xxx    | available |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | available |\n| 750-8203/xxx-xxx    | available |\n| 750-8204/xxx-xxx    | available |\n| 750-8206/xxx-xxx    | available |\n| 750-8207/xxx-xxx    | available |\n| 750-8210/xxx-xxx    | available |\n| 750-8211/xxx-xxx    | available |\n| 750-8212/xxx-xxx    | available |\n| 750-8213/xxx-xxx    | available |\n| 750-8214/xxx-xxx    | available |\n| 750-8215/xxx-xxx    | available |\n| 750-8216/xxx-xxx    | available |\n| 750-8217/xxx-xxx    | available |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | available |\n| 762-5x0x/8000-000x     | available |\n| 762-6x0x/8000-000x     | available |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | available |\n\n\n### Fixed Firmware 22 Patch 2\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | planned   |\n| 751-9401/xxx-xxx    | planned   |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | planned   |\n| 750-8101/xxx-xxx    | planned   |\n| 750-8102/xxx-xxx    | planned   |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | planned   |\n| 750-8203/xxx-xxx    | planned   |\n| 750-8204/xxx-xxx    | planned   |\n| 750-8206/xxx-xxx    | planned   |\n| 750-8207/xxx-xxx    | planned   |\n| 750-8210/xxx-xxx    | planned   |\n| 750-8211/xxx-xxx    | planned   |\n| 750-8212/xxx-xxx    | planned   |\n| 750-8213/xxx-xxx    | planned   |\n| 750-8214/xxx-xxx    | planned   |\n| 750-8215/xxx-xxx    | planned   |\n| 750-8216/xxx-xxx    | planned   |\n| 750-8217/xxx-xxx    | planned   |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | planned   |\n| 762-5x0x/8000-000x     | planned   |\n| 762-6x0x/8000-000x     | planned   |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | planned   |\n\n\nA fixed version of e!COCKPIT is planned.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalScore": 6.5,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 6.5,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008"
          ]
        }
      ],
      "title": "CVE-2023-37551"
    },
    {
      "cve": "CVE-2023-37550",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "description",
          "text": "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546,\u00a0CVE-2023-37547, CVE-2023-37548 and CVE-2023-37549.\n\n",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Depending on the vulnerability there are possible mitigations:\n\nVulnerability of CODESYS Advisory 2023-05:\n\n- This vulnerability exists in the CODESYS programming service which is needed for commission only. Deactivate the CODESYS programming port in the web-based management if you do not need the service.\n\nIn addition to the mitigation hints CODESYS GmbH recommends the following general defense measures to reduce the risk of exploits:\n\n- Use controllers and devices only in a protected environment to minimize network exposure and ensure they are not accessible from outside.\n- Use firewalls to protect and separate the control system network from other networks.\n- Use VPN (Virtual Private Networks) tunnels if remote access is required.\n- Activate and apply user management and password features.\n- Use encrypted communication links.\n- Limit the access to both development and control system by physical means, operating system features, etc.\n- Protect both development and control system by using up to date virus detection solutions.\n\nFor further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "### Fixed Firmware 3\n\n| Product     | Status    |\n|-------------|-----------|\n| 750-8000    | available |\n| 750-8001    | available |\n\n\n### Fixed Firmware 26\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | available |\n| 751-9401/xxx-xxx    | available |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | available |\n| 750-8101/xxx-xxx    | available |\n| 750-8102/xxx-xxx    | available |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | available |\n| 750-8203/xxx-xxx    | available |\n| 750-8204/xxx-xxx    | available |\n| 750-8206/xxx-xxx    | available |\n| 750-8207/xxx-xxx    | available |\n| 750-8210/xxx-xxx    | available |\n| 750-8211/xxx-xxx    | available |\n| 750-8212/xxx-xxx    | available |\n| 750-8213/xxx-xxx    | available |\n| 750-8214/xxx-xxx    | available |\n| 750-8215/xxx-xxx    | available |\n| 750-8216/xxx-xxx    | available |\n| 750-8217/xxx-xxx    | available |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | available |\n| 762-5x0x/8000-000x     | available |\n| 762-6x0x/8000-000x     | available |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | available |\n\n\n### Fixed Firmware 22 Patch 2\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | planned   |\n| 751-9401/xxx-xxx    | planned   |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | planned   |\n| 750-8101/xxx-xxx    | planned   |\n| 750-8102/xxx-xxx    | planned   |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | planned   |\n| 750-8203/xxx-xxx    | planned   |\n| 750-8204/xxx-xxx    | planned   |\n| 750-8206/xxx-xxx    | planned   |\n| 750-8207/xxx-xxx    | planned   |\n| 750-8210/xxx-xxx    | planned   |\n| 750-8211/xxx-xxx    | planned   |\n| 750-8212/xxx-xxx    | planned   |\n| 750-8213/xxx-xxx    | planned   |\n| 750-8214/xxx-xxx    | planned   |\n| 750-8215/xxx-xxx    | planned   |\n| 750-8216/xxx-xxx    | planned   |\n| 750-8217/xxx-xxx    | planned   |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | planned   |\n| 762-5x0x/8000-000x     | planned   |\n| 762-6x0x/8000-000x     | planned   |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | planned   |\n\n\nA fixed version of e!COCKPIT is planned.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalScore": 6.5,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 6.5,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008"
          ]
        }
      ],
      "title": "CVE-2023-37550"
    },
    {
      "cve": "CVE-2023-37549",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "description",
          "text": "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546,\u00a0CVE-2023-37547, CVE-2023-37548 and CVE-2023-37550\n\n",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Depending on the vulnerability there are possible mitigations:\n\nVulnerability of CODESYS Advisory 2023-05:\n\n- This vulnerability exists in the CODESYS programming service which is needed for commission only. Deactivate the CODESYS programming port in the web-based management if you do not need the service.\n\nIn addition to the mitigation hints CODESYS GmbH recommends the following general defense measures to reduce the risk of exploits:\n\n- Use controllers and devices only in a protected environment to minimize network exposure and ensure they are not accessible from outside.\n- Use firewalls to protect and separate the control system network from other networks.\n- Use VPN (Virtual Private Networks) tunnels if remote access is required.\n- Activate and apply user management and password features.\n- Use encrypted communication links.\n- Limit the access to both development and control system by physical means, operating system features, etc.\n- Protect both development and control system by using up to date virus detection solutions.\n\nFor further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "### Fixed Firmware 3\n\n| Product     | Status    |\n|-------------|-----------|\n| 750-8000    | available |\n| 750-8001    | available |\n\n\n### Fixed Firmware 26\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | available |\n| 751-9401/xxx-xxx    | available |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | available |\n| 750-8101/xxx-xxx    | available |\n| 750-8102/xxx-xxx    | available |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | available |\n| 750-8203/xxx-xxx    | available |\n| 750-8204/xxx-xxx    | available |\n| 750-8206/xxx-xxx    | available |\n| 750-8207/xxx-xxx    | available |\n| 750-8210/xxx-xxx    | available |\n| 750-8211/xxx-xxx    | available |\n| 750-8212/xxx-xxx    | available |\n| 750-8213/xxx-xxx    | available |\n| 750-8214/xxx-xxx    | available |\n| 750-8215/xxx-xxx    | available |\n| 750-8216/xxx-xxx    | available |\n| 750-8217/xxx-xxx    | available |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | available |\n| 762-5x0x/8000-000x     | available |\n| 762-6x0x/8000-000x     | available |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | available |\n\n\n### Fixed Firmware 22 Patch 2\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | planned   |\n| 751-9401/xxx-xxx    | planned   |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | planned   |\n| 750-8101/xxx-xxx    | planned   |\n| 750-8102/xxx-xxx    | planned   |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | planned   |\n| 750-8203/xxx-xxx    | planned   |\n| 750-8204/xxx-xxx    | planned   |\n| 750-8206/xxx-xxx    | planned   |\n| 750-8207/xxx-xxx    | planned   |\n| 750-8210/xxx-xxx    | planned   |\n| 750-8211/xxx-xxx    | planned   |\n| 750-8212/xxx-xxx    | planned   |\n| 750-8213/xxx-xxx    | planned   |\n| 750-8214/xxx-xxx    | planned   |\n| 750-8215/xxx-xxx    | planned   |\n| 750-8216/xxx-xxx    | planned   |\n| 750-8217/xxx-xxx    | planned   |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | planned   |\n| 762-5x0x/8000-000x     | planned   |\n| 762-6x0x/8000-000x     | planned   |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | planned   |\n\n\nA fixed version of e!COCKPIT is planned.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalScore": 6.5,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 6.5,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008"
          ]
        }
      ],
      "title": "CVE-2023-37549"
    },
    {
      "cve": "CVE-2023-37548",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "description",
          "text": "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546,\u00a0CVE-2023-37547, CVE-2023-37549 and CVE-2023-37550\n\n",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Depending on the vulnerability there are possible mitigations:\n\nVulnerability of CODESYS Advisory 2023-05:\n\n- This vulnerability exists in the CODESYS programming service which is needed for commission only. Deactivate the CODESYS programming port in the web-based management if you do not need the service.\n\nIn addition to the mitigation hints CODESYS GmbH recommends the following general defense measures to reduce the risk of exploits:\n\n- Use controllers and devices only in a protected environment to minimize network exposure and ensure they are not accessible from outside.\n- Use firewalls to protect and separate the control system network from other networks.\n- Use VPN (Virtual Private Networks) tunnels if remote access is required.\n- Activate and apply user management and password features.\n- Use encrypted communication links.\n- Limit the access to both development and control system by physical means, operating system features, etc.\n- Protect both development and control system by using up to date virus detection solutions.\n\nFor further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "### Fixed Firmware 3\n\n| Product     | Status    |\n|-------------|-----------|\n| 750-8000    | available |\n| 750-8001    | available |\n\n\n### Fixed Firmware 26\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | available |\n| 751-9401/xxx-xxx    | available |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | available |\n| 750-8101/xxx-xxx    | available |\n| 750-8102/xxx-xxx    | available |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | available |\n| 750-8203/xxx-xxx    | available |\n| 750-8204/xxx-xxx    | available |\n| 750-8206/xxx-xxx    | available |\n| 750-8207/xxx-xxx    | available |\n| 750-8210/xxx-xxx    | available |\n| 750-8211/xxx-xxx    | available |\n| 750-8212/xxx-xxx    | available |\n| 750-8213/xxx-xxx    | available |\n| 750-8214/xxx-xxx    | available |\n| 750-8215/xxx-xxx    | available |\n| 750-8216/xxx-xxx    | available |\n| 750-8217/xxx-xxx    | available |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | available |\n| 762-5x0x/8000-000x     | available |\n| 762-6x0x/8000-000x     | available |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | available |\n\n\n### Fixed Firmware 22 Patch 2\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | planned   |\n| 751-9401/xxx-xxx    | planned   |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | planned   |\n| 750-8101/xxx-xxx    | planned   |\n| 750-8102/xxx-xxx    | planned   |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | planned   |\n| 750-8203/xxx-xxx    | planned   |\n| 750-8204/xxx-xxx    | planned   |\n| 750-8206/xxx-xxx    | planned   |\n| 750-8207/xxx-xxx    | planned   |\n| 750-8210/xxx-xxx    | planned   |\n| 750-8211/xxx-xxx    | planned   |\n| 750-8212/xxx-xxx    | planned   |\n| 750-8213/xxx-xxx    | planned   |\n| 750-8214/xxx-xxx    | planned   |\n| 750-8215/xxx-xxx    | planned   |\n| 750-8216/xxx-xxx    | planned   |\n| 750-8217/xxx-xxx    | planned   |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | planned   |\n| 762-5x0x/8000-000x     | planned   |\n| 762-6x0x/8000-000x     | planned   |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | planned   |\n\n\nA fixed version of e!COCKPIT is planned.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalScore": 6.5,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 6.5,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008"
          ]
        }
      ],
      "title": "CVE-2023-37548"
    },
    {
      "cve": "CVE-2023-37547",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "description",
          "text": "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550\n\n",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Depending on the vulnerability there are possible mitigations:\n\nVulnerability of CODESYS Advisory 2023-05:\n\n- This vulnerability exists in the CODESYS programming service which is needed for commission only. Deactivate the CODESYS programming port in the web-based management if you do not need the service.\n\nIn addition to the mitigation hints CODESYS GmbH recommends the following general defense measures to reduce the risk of exploits:\n\n- Use controllers and devices only in a protected environment to minimize network exposure and ensure they are not accessible from outside.\n- Use firewalls to protect and separate the control system network from other networks.\n- Use VPN (Virtual Private Networks) tunnels if remote access is required.\n- Activate and apply user management and password features.\n- Use encrypted communication links.\n- Limit the access to both development and control system by physical means, operating system features, etc.\n- Protect both development and control system by using up to date virus detection solutions.\n\nFor further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "### Fixed Firmware 3\n\n| Product     | Status    |\n|-------------|-----------|\n| 750-8000    | available |\n| 750-8001    | available |\n\n\n### Fixed Firmware 26\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | available |\n| 751-9401/xxx-xxx    | available |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | available |\n| 750-8101/xxx-xxx    | available |\n| 750-8102/xxx-xxx    | available |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | available |\n| 750-8203/xxx-xxx    | available |\n| 750-8204/xxx-xxx    | available |\n| 750-8206/xxx-xxx    | available |\n| 750-8207/xxx-xxx    | available |\n| 750-8210/xxx-xxx    | available |\n| 750-8211/xxx-xxx    | available |\n| 750-8212/xxx-xxx    | available |\n| 750-8213/xxx-xxx    | available |\n| 750-8214/xxx-xxx    | available |\n| 750-8215/xxx-xxx    | available |\n| 750-8216/xxx-xxx    | available |\n| 750-8217/xxx-xxx    | available |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | available |\n| 762-5x0x/8000-000x     | available |\n| 762-6x0x/8000-000x     | available |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | available |\n\n\n### Fixed Firmware 22 Patch 2\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | planned   |\n| 751-9401/xxx-xxx    | planned   |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | planned   |\n| 750-8101/xxx-xxx    | planned   |\n| 750-8102/xxx-xxx    | planned   |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | planned   |\n| 750-8203/xxx-xxx    | planned   |\n| 750-8204/xxx-xxx    | planned   |\n| 750-8206/xxx-xxx    | planned   |\n| 750-8207/xxx-xxx    | planned   |\n| 750-8210/xxx-xxx    | planned   |\n| 750-8211/xxx-xxx    | planned   |\n| 750-8212/xxx-xxx    | planned   |\n| 750-8213/xxx-xxx    | planned   |\n| 750-8214/xxx-xxx    | planned   |\n| 750-8215/xxx-xxx    | planned   |\n| 750-8216/xxx-xxx    | planned   |\n| 750-8217/xxx-xxx    | planned   |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | planned   |\n| 762-5x0x/8000-000x     | planned   |\n| 762-6x0x/8000-000x     | planned   |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | planned   |\n\n\nA fixed version of e!COCKPIT is planned.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalScore": 6.5,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 6.5,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008"
          ]
        }
      ],
      "title": "CVE-2023-37547"
    },
    {
      "cve": "CVE-2023-37546",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "description",
          "text": "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37547, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550\n\n",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Depending on the vulnerability there are possible mitigations:\n\nVulnerability of CODESYS Advisory 2023-05:\n\n- This vulnerability exists in the CODESYS programming service which is needed for commission only. Deactivate the CODESYS programming port in the web-based management if you do not need the service.\n\nIn addition to the mitigation hints CODESYS GmbH recommends the following general defense measures to reduce the risk of exploits:\n\n- Use controllers and devices only in a protected environment to minimize network exposure and ensure they are not accessible from outside.\n- Use firewalls to protect and separate the control system network from other networks.\n- Use VPN (Virtual Private Networks) tunnels if remote access is required.\n- Activate and apply user management and password features.\n- Use encrypted communication links.\n- Limit the access to both development and control system by physical means, operating system features, etc.\n- Protect both development and control system by using up to date virus detection solutions.\n\nFor further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "### Fixed Firmware 3\n\n| Product     | Status    |\n|-------------|-----------|\n| 750-8000    | available |\n| 750-8001    | available |\n\n\n### Fixed Firmware 26\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | available |\n| 751-9401/xxx-xxx    | available |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | available |\n| 750-8101/xxx-xxx    | available |\n| 750-8102/xxx-xxx    | available |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | available |\n| 750-8203/xxx-xxx    | available |\n| 750-8204/xxx-xxx    | available |\n| 750-8206/xxx-xxx    | available |\n| 750-8207/xxx-xxx    | available |\n| 750-8210/xxx-xxx    | available |\n| 750-8211/xxx-xxx    | available |\n| 750-8212/xxx-xxx    | available |\n| 750-8213/xxx-xxx    | available |\n| 750-8214/xxx-xxx    | available |\n| 750-8215/xxx-xxx    | available |\n| 750-8216/xxx-xxx    | available |\n| 750-8217/xxx-xxx    | available |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | available |\n| 762-5x0x/8000-000x     | available |\n| 762-6x0x/8000-000x     | available |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | available |\n\n\n### Fixed Firmware 22 Patch 2\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | planned   |\n| 751-9401/xxx-xxx    | planned   |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | planned   |\n| 750-8101/xxx-xxx    | planned   |\n| 750-8102/xxx-xxx    | planned   |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | planned   |\n| 750-8203/xxx-xxx    | planned   |\n| 750-8204/xxx-xxx    | planned   |\n| 750-8206/xxx-xxx    | planned   |\n| 750-8207/xxx-xxx    | planned   |\n| 750-8210/xxx-xxx    | planned   |\n| 750-8211/xxx-xxx    | planned   |\n| 750-8212/xxx-xxx    | planned   |\n| 750-8213/xxx-xxx    | planned   |\n| 750-8214/xxx-xxx    | planned   |\n| 750-8215/xxx-xxx    | planned   |\n| 750-8216/xxx-xxx    | planned   |\n| 750-8217/xxx-xxx    | planned   |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | planned   |\n| 762-5x0x/8000-000x     | planned   |\n| 762-6x0x/8000-000x     | planned   |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | planned   |\n\n\nA fixed version of e!COCKPIT is planned.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalScore": 6.5,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 6.5,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008"
          ]
        }
      ],
      "title": "CVE-2023-37546"
    },
    {
      "cve": "CVE-2023-37545",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "description",
          "text": "In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37546,\u00a0CVE-2023-37547, CVE-2023-37548, CVE-2023-37549, CVE-2023-37550\n\n",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Depending on the vulnerability there are possible mitigations:\n\nVulnerability of CODESYS Advisory 2023-05:\n\n- This vulnerability exists in the CODESYS programming service which is needed for commission only. Deactivate the CODESYS programming port in the web-based management if you do not need the service.\n\nIn addition to the mitigation hints CODESYS GmbH recommends the following general defense measures to reduce the risk of exploits:\n\n- Use controllers and devices only in a protected environment to minimize network exposure and ensure they are not accessible from outside.\n- Use firewalls to protect and separate the control system network from other networks.\n- Use VPN (Virtual Private Networks) tunnels if remote access is required.\n- Activate and apply user management and password features.\n- Use encrypted communication links.\n- Limit the access to both development and control system by physical means, operating system features, etc.\n- Protect both development and control system by using up to date virus detection solutions.\n\nFor further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "### Fixed Firmware 3\n\n| Product     | Status    |\n|-------------|-----------|\n| 750-8000    | available |\n| 750-8001    | available |\n\n\n### Fixed Firmware 26\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | available |\n| 751-9401/xxx-xxx    | available |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | available |\n| 750-8101/xxx-xxx    | available |\n| 750-8102/xxx-xxx    | available |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | available |\n| 750-8203/xxx-xxx    | available |\n| 750-8204/xxx-xxx    | available |\n| 750-8206/xxx-xxx    | available |\n| 750-8207/xxx-xxx    | available |\n| 750-8210/xxx-xxx    | available |\n| 750-8211/xxx-xxx    | available |\n| 750-8212/xxx-xxx    | available |\n| 750-8213/xxx-xxx    | available |\n| 750-8214/xxx-xxx    | available |\n| 750-8215/xxx-xxx    | available |\n| 750-8216/xxx-xxx    | available |\n| 750-8217/xxx-xxx    | available |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | available |\n| 762-5x0x/8000-000x     | available |\n| 762-6x0x/8000-000x     | available |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | available |\n\n\n### Fixed Firmware 22 Patch 2\n\n#### Compact Controller 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 751-9301/xxx-xxx    | planned   |\n| 751-9401/xxx-xxx    | planned   |\n\n#### PFC 100 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8100/xxx-xxx    | planned   |\n| 750-8101/xxx-xxx    | planned   |\n| 750-8102/xxx-xxx    | planned   |\n\n#### PFC 200 family\n\n| Product             | Status    |\n|---------------------|-----------|\n| 750-8202/xxx-xxx    | planned   |\n| 750-8203/xxx-xxx    | planned   |\n| 750-8204/xxx-xxx    | planned   |\n| 750-8206/xxx-xxx    | planned   |\n| 750-8207/xxx-xxx    | planned   |\n| 750-8210/xxx-xxx    | planned   |\n| 750-8211/xxx-xxx    | planned   |\n| 750-8212/xxx-xxx    | planned   |\n| 750-8213/xxx-xxx    | planned   |\n| 750-8214/xxx-xxx    | planned   |\n| 750-8215/xxx-xxx    | planned   |\n| 750-8216/xxx-xxx    | planned   |\n| 750-8217/xxx-xxx    | planned   |\n\n#### TP 600 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 762-4x0x/8000-000x     | planned   |\n| 762-5x0x/8000-000x     | planned   |\n| 762-6x0x/8000-000x     | planned   |\n\n#### EC 300 family\n\n| Product               | Status    |\n|------------------------|-----------|\n| 752-8303/8000-0002     | planned   |\n\n\nA fixed version of e!COCKPIT is planned.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalScore": 6.5,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 6.5,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008"
          ]
        }
      ],
      "title": "CVE-2023-37545"
    }
  ]
}

WID-SEC-W-2024-0943

Vulnerability from csaf_certbund - Published: 2024-04-21 22:00 - Updated: 2025-01-07 23:00

Summary

CODESYS: Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: CODESYS ist eine herstellerunabhängige Automatisierungssoftware für die Entwicklung von Steuerungsanwendungen in der industriellen Automatisierung.

Angriff: Ein Angreifer kann mehrere Schwachstellen in CODESYS ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder einen Brute-Force-Angriff durchzuführen.

Betroffene Betriebssysteme: - Sonstiges

CVE-2022-22516

Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzulässigen Einschränkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand auszulösen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuführen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden.

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
CODESYS CODESYS CODESYS	`cpe:/a:codesys:codesys:-`	—
ABB AC-500 <3.8.0 ABB / AC-500		<3.8.0

CVE-2022-4046

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
CODESYS CODESYS CODESYS	`cpe:/a:codesys:codesys:-`	—
ABB AC-500 <3.8.0 ABB / AC-500		<3.8.0

CVE-2022-47391

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
CODESYS CODESYS CODESYS	`cpe:/a:codesys:codesys:-`	—
ABB AC-500 <3.8.0 ABB / AC-500		<3.8.0

CVE-2023-28355

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
CODESYS CODESYS CODESYS	`cpe:/a:codesys:codesys:-`	—
ABB AC-500 <3.8.0 ABB / AC-500		<3.8.0

CVE-2023-3662

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
CODESYS CODESYS CODESYS	`cpe:/a:codesys:codesys:-`	—
ABB AC-500 <3.8.0 ABB / AC-500		<3.8.0

CVE-2023-3663

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
CODESYS CODESYS CODESYS	`cpe:/a:codesys:codesys:-`	—
ABB AC-500 <3.8.0 ABB / AC-500		<3.8.0

CVE-2023-3669

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
CODESYS CODESYS CODESYS	`cpe:/a:codesys:codesys:-`	—
ABB AC-500 <3.8.0 ABB / AC-500		<3.8.0

CVE-2023-3670

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
CODESYS CODESYS CODESYS	`cpe:/a:codesys:codesys:-`	—
ABB AC-500 <3.8.0 ABB / AC-500		<3.8.0

CVE-2023-37545

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
CODESYS CODESYS CODESYS	`cpe:/a:codesys:codesys:-`	—
ABB AC-500 <3.8.0 ABB / AC-500		<3.8.0

CVE-2023-37546

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
CODESYS CODESYS CODESYS	`cpe:/a:codesys:codesys:-`	—
ABB AC-500 <3.8.0 ABB / AC-500		<3.8.0

CVE-2023-37547

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
CODESYS CODESYS CODESYS	`cpe:/a:codesys:codesys:-`	—
ABB AC-500 <3.8.0 ABB / AC-500		<3.8.0

CVE-2023-37548

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
CODESYS CODESYS CODESYS	`cpe:/a:codesys:codesys:-`	—
ABB AC-500 <3.8.0 ABB / AC-500		<3.8.0

CVE-2023-37549

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
CODESYS CODESYS CODESYS	`cpe:/a:codesys:codesys:-`	—
ABB AC-500 <3.8.0 ABB / AC-500		<3.8.0

CVE-2023-37550

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
CODESYS CODESYS CODESYS	`cpe:/a:codesys:codesys:-`	—
ABB AC-500 <3.8.0 ABB / AC-500		<3.8.0

CVE-2023-37551

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
CODESYS CODESYS CODESYS	`cpe:/a:codesys:codesys:-`	—
ABB AC-500 <3.8.0 ABB / AC-500		<3.8.0

CVE-2023-37552

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
CODESYS CODESYS CODESYS	`cpe:/a:codesys:codesys:-`	—
ABB AC-500 <3.8.0 ABB / AC-500		<3.8.0

CVE-2023-37553

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
CODESYS CODESYS CODESYS	`cpe:/a:codesys:codesys:-`	—
ABB AC-500 <3.8.0 ABB / AC-500		<3.8.0

CVE-2023-37554

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
CODESYS CODESYS CODESYS	`cpe:/a:codesys:codesys:-`	—
ABB AC-500 <3.8.0 ABB / AC-500		<3.8.0

CVE-2023-37555

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
CODESYS CODESYS CODESYS	`cpe:/a:codesys:codesys:-`	—
ABB AC-500 <3.8.0 ABB / AC-500		<3.8.0

CVE-2023-37556

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
CODESYS CODESYS CODESYS	`cpe:/a:codesys:codesys:-`	—
ABB AC-500 <3.8.0 ABB / AC-500		<3.8.0

CVE-2023-37557

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
CODESYS CODESYS CODESYS	`cpe:/a:codesys:codesys:-`	—
ABB AC-500 <3.8.0 ABB / AC-500		<3.8.0

CVE-2023-37558

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
CODESYS CODESYS CODESYS	`cpe:/a:codesys:codesys:-`	—
ABB AC-500 <3.8.0 ABB / AC-500		<3.8.0

CVE-2023-37559

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
CODESYS CODESYS CODESYS	`cpe:/a:codesys:codesys:-`	—
ABB AC-500 <3.8.0 ABB / AC-500		<3.8.0

CVE-2023-3935

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
CODESYS CODESYS CODESYS	`cpe:/a:codesys:codesys:-`	—
ABB AC-500 <3.8.0 ABB / AC-500		<3.8.0

CVE-2023-6357

Affected products

Known affected 2 products

Product	Identifier	Version	Remediation
CODESYS CODESYS CODESYS	`cpe:/a:codesys:codesys:-`	—
ABB AC-500 <3.8.0 ABB / AC-500		<3.8.0

References

13 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://customers.codesys.com/index.php?eID=dumpF…	external
https://customers.codesys.com/index.php?eID=dumpF…	external
https://customers.codesys.com/index.php?eID=dumpF…	external
https://customers.codesys.com/index.php?eID=dumpF…	external
https://customers.codesys.com/index.php?eID=dumpF…	external
https://customers.codesys.com/index.php?eID=dumpF…	external
https://customers.codesys.com/index.php?eID=dumpF…	external
https://customers.codesys.com/index.php?eID=dumpF…	external
https://customers.codesys.com/index.php?eID=dumpF…	external
https://customers.codesys.com/index.php?eID=dumpF…	external
https://search.abb.com/library/Download.aspx?Docu…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "CODESYS ist eine herstellerunabh\u00e4ngige Automatisierungssoftware f\u00fcr die Entwicklung von Steuerungsanwendungen in der industriellen Automatisierung.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in CODESYS ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder einen Brute-Force-Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0943 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0943.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0943 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0943"
      },
      {
        "category": "external",
        "summary": "CODESYS Advisory vom 2023-06-27",
        "url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17090\u0026token=6cd08b169916366df31388d2e7ba58e7bce93508\u0026download="
      },
      {
        "category": "external",
        "summary": "CODESYS Advisory vom 2023-04-03",
        "url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17555\u0026token=212fc7e39bdd260cab6d6ca84333d42f50bcb3da\u0026download="
      },
      {
        "category": "external",
        "summary": "CODESYS Advisory vom 2023-03-08",
        "url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17764\u0026token=4b2f3cf3a800d076b22f18d49f278bd8883dbd46\u0026download="
      },
      {
        "category": "external",
        "summary": "CODESYS Advisory vom 2023-10-31",
        "url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17765\u0026token=04e117e1408fdb8e02b4bc821aa3be819668aef4\u0026download="
      },
      {
        "category": "external",
        "summary": "CODESYS Advisory vom 2023-08-03",
        "url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17766\u0026token=667d36292e99e6f6b7eb8c0b4a86d27137c31f98\u0026download="
      },
      {
        "category": "external",
        "summary": "CODESYS Advisory vom 2023-10-31",
        "url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17767\u0026token=7ed2d9324eff98a0a319c455d0256dc7627c705e\u0026download="
      },
      {
        "category": "external",
        "summary": "CODESYS Advisory vom 2023-08-03",
        "url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17768\u0026token=9d206ea9e0449cd9d3ee60d5179d2761dad2d2dd\u0026download="
      },
      {
        "category": "external",
        "summary": "CODESYS Advisory vom 2023-07-26",
        "url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17769\u0026token=a1a34cd304aebfbc1e2619e401a9a6cb5d4dc117\u0026download="
      },
      {
        "category": "external",
        "summary": "CODESYS Advisory vom 2023-12-05",
        "url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17809\u0026token=c3b4e3ec4956099de26f0c6caf194d1ba341040a\u0026download="
      },
      {
        "category": "external",
        "summary": "CODESYS Advisory vom 2024-02-26",
        "url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=18027\u0026token=43109051cf95d3445bc616e4efb8414336ebcc47\u0026download="
      },
      {
        "category": "external",
        "summary": "ABB Security Advisory vom 2025-01-07",
        "url": "https://search.abb.com/library/Download.aspx?DocumentID=3ADR011377\u0026LanguageCode=en\u0026DocumentPartId=CSAF\u0026Action=Launch"
      }
    ],
    "source_lang": "en-US",
    "title": "CODESYS: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-01-07T23:00:00.000+00:00",
      "generator": {
        "date": "2025-01-08T10:42:29.688+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.10"
        }
      },
      "id": "WID-SEC-W-2024-0943",
      "initial_release_date": "2024-04-21T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-04-21T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-04-25T22:00:00.000+00:00",
          "number": "2",
          "summary": "Datum der Codesys Meldungen korrigiert."
        },
        {
          "date": "2025-01-07T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates aufgenommen"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c3.8.0",
                "product": {
                  "name": "ABB AC-500 \u003c3.8.0",
                  "product_id": "T040044"
                }
              },
              {
                "category": "product_version",
                "name": "3.8.0",
                "product": {
                  "name": "ABB AC-500 3.8.0",
                  "product_id": "T040044-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/h:abb:ac-500:3.8.0"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "AC-500"
          }
        ],
        "category": "vendor",
        "name": "ABB"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "CODESYS CODESYS",
            "product": {
              "name": "CODESYS CODESYS",
              "product_id": "T034337",
              "product_identification_helper": {
                "cpe": "cpe:/a:codesys:codesys:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "CODESYS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-22516",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzul\u00e4ssigen Einschr\u00e4nkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T034337",
          "T040044"
        ]
      },
      "release_date": "2024-04-21T22:00:00.000+00:00",
      "title": "CVE-2022-22516"
    },
    {
      "cve": "CVE-2022-4046",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzul\u00e4ssigen Einschr\u00e4nkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T034337",
          "T040044"
        ]
      },
      "release_date": "2024-04-21T22:00:00.000+00:00",
      "title": "CVE-2022-4046"
    },
    {
      "cve": "CVE-2022-47391",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzul\u00e4ssigen Einschr\u00e4nkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T034337",
          "T040044"
        ]
      },
      "release_date": "2024-04-21T22:00:00.000+00:00",
      "title": "CVE-2022-47391"
    },
    {
      "cve": "CVE-2023-28355",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzul\u00e4ssigen Einschr\u00e4nkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T034337",
          "T040044"
        ]
      },
      "release_date": "2024-04-21T22:00:00.000+00:00",
      "title": "CVE-2023-28355"
    },
    {
      "cve": "CVE-2023-3662",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzul\u00e4ssigen Einschr\u00e4nkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T034337",
          "T040044"
        ]
      },
      "release_date": "2024-04-21T22:00:00.000+00:00",
      "title": "CVE-2023-3662"
    },
    {
      "cve": "CVE-2023-3663",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzul\u00e4ssigen Einschr\u00e4nkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T034337",
          "T040044"
        ]
      },
      "release_date": "2024-04-21T22:00:00.000+00:00",
      "title": "CVE-2023-3663"
    },
    {
      "cve": "CVE-2023-3669",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzul\u00e4ssigen Einschr\u00e4nkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T034337",
          "T040044"
        ]
      },
      "release_date": "2024-04-21T22:00:00.000+00:00",
      "title": "CVE-2023-3669"
    },
    {
      "cve": "CVE-2023-3670",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzul\u00e4ssigen Einschr\u00e4nkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T034337",
          "T040044"
        ]
      },
      "release_date": "2024-04-21T22:00:00.000+00:00",
      "title": "CVE-2023-3670"
    },
    {
      "cve": "CVE-2023-37545",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzul\u00e4ssigen Einschr\u00e4nkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T034337",
          "T040044"
        ]
      },
      "release_date": "2024-04-21T22:00:00.000+00:00",
      "title": "CVE-2023-37545"
    },
    {
      "cve": "CVE-2023-37546",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzul\u00e4ssigen Einschr\u00e4nkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T034337",
          "T040044"
        ]
      },
      "release_date": "2024-04-21T22:00:00.000+00:00",
      "title": "CVE-2023-37546"
    },
    {
      "cve": "CVE-2023-37547",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzul\u00e4ssigen Einschr\u00e4nkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T034337",
          "T040044"
        ]
      },
      "release_date": "2024-04-21T22:00:00.000+00:00",
      "title": "CVE-2023-37547"
    },
    {
      "cve": "CVE-2023-37548",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzul\u00e4ssigen Einschr\u00e4nkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T034337",
          "T040044"
        ]
      },
      "release_date": "2024-04-21T22:00:00.000+00:00",
      "title": "CVE-2023-37548"
    },
    {
      "cve": "CVE-2023-37549",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzul\u00e4ssigen Einschr\u00e4nkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T034337",
          "T040044"
        ]
      },
      "release_date": "2024-04-21T22:00:00.000+00:00",
      "title": "CVE-2023-37549"
    },
    {
      "cve": "CVE-2023-37550",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzul\u00e4ssigen Einschr\u00e4nkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T034337",
          "T040044"
        ]
      },
      "release_date": "2024-04-21T22:00:00.000+00:00",
      "title": "CVE-2023-37550"
    },
    {
      "cve": "CVE-2023-37551",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzul\u00e4ssigen Einschr\u00e4nkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T034337",
          "T040044"
        ]
      },
      "release_date": "2024-04-21T22:00:00.000+00:00",
      "title": "CVE-2023-37551"
    },
    {
      "cve": "CVE-2023-37552",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzul\u00e4ssigen Einschr\u00e4nkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T034337",
          "T040044"
        ]
      },
      "release_date": "2024-04-21T22:00:00.000+00:00",
      "title": "CVE-2023-37552"
    },
    {
      "cve": "CVE-2023-37553",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzul\u00e4ssigen Einschr\u00e4nkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T034337",
          "T040044"
        ]
      },
      "release_date": "2024-04-21T22:00:00.000+00:00",
      "title": "CVE-2023-37553"
    },
    {
      "cve": "CVE-2023-37554",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzul\u00e4ssigen Einschr\u00e4nkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T034337",
          "T040044"
        ]
      },
      "release_date": "2024-04-21T22:00:00.000+00:00",
      "title": "CVE-2023-37554"
    },
    {
      "cve": "CVE-2023-37555",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzul\u00e4ssigen Einschr\u00e4nkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T034337",
          "T040044"
        ]
      },
      "release_date": "2024-04-21T22:00:00.000+00:00",
      "title": "CVE-2023-37555"
    },
    {
      "cve": "CVE-2023-37556",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzul\u00e4ssigen Einschr\u00e4nkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T034337",
          "T040044"
        ]
      },
      "release_date": "2024-04-21T22:00:00.000+00:00",
      "title": "CVE-2023-37556"
    },
    {
      "cve": "CVE-2023-37557",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzul\u00e4ssigen Einschr\u00e4nkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T034337",
          "T040044"
        ]
      },
      "release_date": "2024-04-21T22:00:00.000+00:00",
      "title": "CVE-2023-37557"
    },
    {
      "cve": "CVE-2023-37558",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzul\u00e4ssigen Einschr\u00e4nkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T034337",
          "T040044"
        ]
      },
      "release_date": "2024-04-21T22:00:00.000+00:00",
      "title": "CVE-2023-37558"
    },
    {
      "cve": "CVE-2023-37559",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzul\u00e4ssigen Einschr\u00e4nkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T034337",
          "T040044"
        ]
      },
      "release_date": "2024-04-21T22:00:00.000+00:00",
      "title": "CVE-2023-37559"
    },
    {
      "cve": "CVE-2023-3935",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzul\u00e4ssigen Einschr\u00e4nkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T034337",
          "T040044"
        ]
      },
      "release_date": "2024-04-21T22:00:00.000+00:00",
      "title": "CVE-2023-3935"
    },
    {
      "cve": "CVE-2023-6357",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in CODESYS. Diese Fehler bestehen in mehreren Komponenten und Subsystemen wie dem Control, Development System oder dem SysDrv3S.sys-Treiber, unter anderem aufgrund mehrerer sicherheitsrelevanter Probleme wie einer OS-Befehlsinjektion, einem Out-of-bounds-Write oder einer unzul\u00e4ssigen Einschr\u00e4nkung von Authentifizierungsversuchen. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand auszul\u00f6sen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder Brute-Force-Angriffe durchzuf\u00fchren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion oder eine Anmeldung, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "product_status": {
        "known_affected": [
          "T034337",
          "T040044"
        ]
      },
      "release_date": "2024-04-21T22:00:00.000+00:00",
      "title": "CVE-2023-6357"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2023-3662 (GCVE-0-2023-3662)

VDE-2023-068

WID-SEC-W-2024-0943

Tags

Sightings

Nomenclature