ADVISORY2025-09_VDE-2025-099
Vulnerability from csaf_codesysgmbh - Published: 2025-12-01 11:00 - Updated: 2026-02-12 11:00Summary
CODESYS Control - Linux/QNX SysSocket flaw
Severity
Medium
Notes
Summary: A vulnerability has been identified in the CODESYS Control runtime system, which includes an abstraction layer designed to ensure compatibility across different operating systems. This layer is used both by affected CODESYS products and by applications running on the PLC.
The platform-specific adaptation of this abstraction layer for Linux and QNX contains a flaw in the SysSocket implementation. Due to incorrect internal handling and depending on how the caller interacts with the affected function, the issue can lead to an out-of-bounds read.
An unauthenticated attacker may be able to exploit this vulnerability via socket-based communication, potentially causing a crash of the corresponding communication task. Additionally, also clients such as the PLCHandler running on Linux or QNX may be affected if they connect to a malicious server that triggers the flaw.
Successful exploitation requires the attacker to win a race condition, which increases the complexity of the attack.
Note: All platforms other than Linux and QNX are not affected.
Impact: Exploitation of this vulnerability may result in a denial-of-service (DoS) condition on affected PLCs or communication clients based on the PLCHandler, potentially disrupting the operation or monitoring, of industrial control systems.
Mitigation: As the flaw resides in the SysSocketSelect() implementation, which has been switched to a poll()-based approach by default since version 3.5.21.0, the following setting can be added to the configuration file of the affected product (e.g., CODESYSControl.cfg) to revert to the select()-based implementation:
[SysSocket]
LinuxSelectPoll=1
Note: On Linux select() is limited to less than 1024 file descriptors.
Remediation: Update the following products to version 3.5.21.40.
* CODESYS PLCHandler
* CODESYS Remote Target Visu
* CODESYS Runtime Toolkit
Update the following products to version 4.19.0.0.
* CODESYS Control for BeagleBone SL
* CODESYS Control for emPC-A/iMX6 SL
* CODESYS Control for IOT2000 SL
* CODESYS Control for Linux ARM SL
* CODESYS Control for Linux SL
* CODESYS Control for PFC100 SL
* CODESYS Control for PFC200 SL
* CODESYS Control for PLCnext SL
* CODESYS Control for Raspberry Pi SL
* CODESYS Control for WAGO Touch Panels 600 SL
* CODESYS Edge Gateway for Linux
* CODESYS TargetVisu for Linux SL
* CODESYS Virtual Control SL
The CODESYS Development System and the products available as CODESYS add-ons can be downloaded and installed directly with the CODESYS Installer or be downloaded from the CODESYS Store. Alternatively, as well as for all other products, you will find further information on obtaining the software update in the CODESYS Update area https://www.codesys.com/download/.
General Recommendation: As part of a security strategy, CODESYS GmbH strongly recommends at least the following best-practice
defense measures:
* Use controllers and devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside
* Use firewalls to protect and separate the control system network from other networks
* Activate and apply user management and password features
* Limit the access to both development and control system by physical means, operating system features, etc.
* Use encrypted communication links
* Use VPN (Virtual Private Networks) tunnels if remote access is required
* Protect both development and control system by using up to date virus detecting solutions
For more information and general recommendations for protecting machines and plants, see also the
CODESYS Security Whitepaper [here.](https://www.customers.codesys.com/fileadmin/data/customers/security/CODESYS-Security-Whitepaper.pdf)
Disclaimer: CODESYS GmbH assumes no liability whatsoever for indirect, collateral, accidental or consequential losses
that occur by the distribution and/or use of this document or any losses in connection with the distribution and/or use of this document. All information published in this document is provided on good faith by CODESYS GmbH.
Insofar as permissible by law, however, none of this information shall establish any guarantee, commitment or
liability on the part of CODESYS GmbH.
Note: Not all CODESYS features are available in all territories. For more information on geographic restrictions,
please contact sales@codesys.com.
An unauthenticated remote attacker, who beats a race condition, can exploit a flaw in the communication servers of the CODESYS Control runtime system on Linux and QNX to trigger an out-of-bounds read via crafted socket communication, potentially causing a denial of service.
5.9 (Medium)
Mitigation
As the flaw resides in the SysSocketSelect() implementation, which has been switched to a poll()-based approach by default since version 3.5.21.0, the following setting can be added to the configuration file of the affected product (e.g., CODESYSControl.cfg) to revert to the select()-based implementation:
[SysSocket]
LinuxSelectPoll=1
Note: On Linux select() is limited to less than 1024 file descriptors.
Vendor Fix
Update the following products to version 3.5.21.40.
* CODESYS PLCHandler
* CODESYS Remote Target Visu
* CODESYS Runtime Toolkit
The CODESYS Development System and the products available as CODESYS add-ons can be downloaded and installed directly with the CODESYS Installer or be downloaded from the CODESYS Store. Alternatively, as well as for all other products, you will find further information on obtaining the software update in the CODESYS Update area https://www.codesys.com/download/.
Vendor Fix
Update the following products to version 4.19.0.0.
* CODESYS Control for BeagleBone SL
* CODESYS Control for emPC-A/iMX6 SL
* CODESYS Control for IOT2000 SL
* CODESYS Control for Linux ARM SL
* CODESYS Control for Linux SL
* CODESYS Control for PFC100 SL
* CODESYS Control for PFC200 SL
* CODESYS Control for PLCnext SL
* CODESYS Control for Raspberry Pi SL
* CODESYS Control for WAGO Touch Panels 600 SL
* CODESYS Edge Gateway for Linux
* CODESYS TargetVisu for Linux SL
* CODESYS Virtual Control SL
The CODESYS Development System and the products available as CODESYS add-ons can be downloaded and installed directly with the CODESYS Installer or be downloaded from the CODESYS Store. Alternatively, as well as for all other products, you will find further information on obtaining the software update in the CODESYS Update area https://www.codesys.com/download/.
References
| URL | Category | |
|---|---|---|
Acknowledgments
CERT@VDE
www.certvde.com
ABB AG
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination",
"urls": [
"https://www.certvde.com"
]
},
{
"organization": "ABB AG",
"summary": "reporting"
}
],
"aggregate_severity": {
"namespace": "https://www.first.org/cvss/v3.1/specification-document#Qualitative-Severity-Rating-Scale",
"text": "Medium"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "A vulnerability has been identified in the CODESYS Control runtime system, which includes an abstraction layer designed to ensure compatibility across different operating systems. This layer is used both by affected CODESYS products and by applications running on the PLC.\n\nThe platform-specific adaptation of this abstraction layer for Linux and QNX contains a flaw in the SysSocket implementation. Due to incorrect internal handling and depending on how the caller interacts with the affected function, the issue can lead to an out-of-bounds read.\n\nAn unauthenticated attacker may be able to exploit this vulnerability via socket-based communication, potentially causing a crash of the corresponding communication task. Additionally, also clients such as the PLCHandler running on Linux or QNX may be affected if they connect to a malicious server that triggers the flaw.\n\nSuccessful exploitation requires the attacker to win a race condition, which increases the complexity of the attack.\n\nNote: All platforms other than Linux and QNX are not affected.",
"title": "Summary"
},
{
"category": "description",
"text": "Exploitation of this vulnerability may result in a denial-of-service (DoS) condition on affected PLCs or communication clients based on the PLCHandler, potentially disrupting the operation or monitoring, of industrial control systems.",
"title": "Impact"
},
{
"category": "description",
"text": "As the flaw resides in the SysSocketSelect() implementation, which has been switched to a poll()-based approach by default since version 3.5.21.0, the following setting can be added to the configuration file of the affected product (e.g., CODESYSControl.cfg) to revert to the select()-based implementation:\n\n[SysSocket]\nLinuxSelectPoll=1\n\nNote: On Linux select() is limited to less than 1024 file descriptors.",
"title": "Mitigation"
},
{
"category": "description",
"text": "Update the following products to version 3.5.21.40.\n* CODESYS PLCHandler\n* CODESYS Remote Target Visu\n* CODESYS Runtime Toolkit\n\nUpdate the following products to version 4.19.0.0.\n* CODESYS Control for BeagleBone SL\n* CODESYS Control for emPC-A/iMX6 SL\n* CODESYS Control for IOT2000 SL\n* CODESYS Control for Linux ARM SL\n* CODESYS Control for Linux SL\n* CODESYS Control for PFC100 SL\n* CODESYS Control for PFC200 SL\n* CODESYS Control for PLCnext SL\n* CODESYS Control for Raspberry Pi SL\n* CODESYS Control for WAGO Touch Panels 600 SL\n* CODESYS Edge Gateway for Linux\n* CODESYS TargetVisu for Linux SL\n* CODESYS Virtual Control SL \n\nThe CODESYS Development System and the products available as CODESYS add-ons can be downloaded and installed directly with the CODESYS Installer or be downloaded from the CODESYS Store. Alternatively, as well as for all other products, you will find further information on obtaining the software update in the CODESYS Update area https://www.codesys.com/download/.",
"title": "Remediation"
},
{
"category": "general",
"text": "As part of a security strategy, CODESYS GmbH strongly recommends at least the following best-practice\ndefense measures:\n\n* Use controllers and devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside\n* Use firewalls to protect and separate the control system network from other networks\n* Activate and apply user management and password features\n* Limit the access to both development and control system by physical means, operating system features, etc.\n* Use encrypted communication links\n* Use VPN (Virtual Private Networks) tunnels if remote access is required\n* Protect both development and control system by using up to date virus detecting solutions\n\nFor more information and general recommendations for protecting machines and plants, see also the\nCODESYS Security Whitepaper [here.](https://www.customers.codesys.com/fileadmin/data/customers/security/CODESYS-Security-Whitepaper.pdf)",
"title": "General Recommendation"
},
{
"category": "legal_disclaimer",
"text": "CODESYS GmbH assumes no liability whatsoever for indirect, collateral, accidental or consequential losses\nthat occur by the distribution and/or use of this document or any losses in connection with the distribution and/or use of this document. All information published in this document is provided on good faith by CODESYS GmbH.\nInsofar as permissible by law, however, none of this information shall establish any guarantee, commitment or\nliability on the part of CODESYS GmbH.\n\nNote: Not all CODESYS features are available in all territories. For more information on geographic restrictions,\nplease contact sales@codesys.com.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "security@codesys.com",
"name": "CODESYS GmbH",
"namespace": "https://www.codesys.com"
},
"references": [
{
"category": "external",
"summary": "CERT@VDE Security Advisories for CODESYS GmbH",
"url": "https://www.certvde.com/en/advisories/vendor/codesys"
},
{
"category": "self",
"summary": "Advisory2025-09_VDE-2025-099: CODESYS Control - Linux/QNX SysSocket flaw - HTML",
"url": "https://www.certvde.com/en/advisories/VDE-2025-099/"
},
{
"category": "self",
"summary": "Advisory2025-09_VDE-2025-099: CODESYS Control - Linux/QNX SysSocket flaw - CSAF",
"url": "https://codesys.csaf-tp.certvde.com/.well-known/csaf/white/2025/advisory2025-09_vde-2025-099.json"
},
{
"category": "external",
"summary": "CODESYS Security Advisories",
"url": "https://www.codesys.com/security/security-reports.html"
},
{
"category": "self",
"summary": "Advisory2025-09_VDE-2025-099: CODESYS Control - Linux/QNX SysSocket flaw - PDF",
"url": "https://api-www.codesys.com/fileadmin/user_upload/CODESYS_Group/Ecosystem/Up-to-Date/Security/Security-Advisories/Advisory2025-09_CDS-94934.pdf"
}
],
"title": "CODESYS Control - Linux/QNX SysSocket flaw",
"tracking": {
"aliases": [
"VDE-2025-099",
"CODESYS Security Advisory 2025-09"
],
"current_release_date": "2026-02-12T11:00:00.000Z",
"generator": {
"date": "2026-02-05T11:09:51.426Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.35"
}
},
"id": "Advisory2025-09_VDE-2025-099",
"initial_release_date": "2025-12-01T11:00:00.000Z",
"revision_history": [
{
"date": "2025-12-01T09:00:00.000Z",
"number": "1.0.0",
"summary": "Initial revision."
},
{
"date": "2026-02-12T11:00:00.000Z",
"number": "1.1.0",
"summary": "Updated remediation category - fixed SL runtimes are now available."
}
],
"status": "final",
"version": "1.1.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "3.5.21.0\u003c3.5.21.40",
"product": {
"name": "CODESYS PLCHandler 3.5.21.0\u003c3.5.21.40",
"product_id": "CSAFPID-51001"
}
},
{
"category": "product_version",
"name": "3.5.21.40",
"product": {
"name": "CODESYS PLCHandler 3.5.21.40",
"product_id": "CSAFPID-52001"
}
}
],
"category": "product_name",
"name": "CODESYS PLCHandler"
},
{
"branches": [
{
"category": "product_version_range",
"name": "3.5.21.0\u003c3.5.21.40",
"product": {
"name": "CODESYS Remote Target Visu 3.5.21.0\u003c3.5.21.40",
"product_id": "CSAFPID-51002"
}
},
{
"category": "product_version",
"name": "3.5.21.40",
"product": {
"name": "CODESYS Remote Target Visu 3.5.21.40",
"product_id": "CSAFPID-52002"
}
}
],
"category": "product_name",
"name": "CODESYS Remote Target Visu"
},
{
"branches": [
{
"category": "product_version_range",
"name": "3.5.21.0\u003c3.5.21.40",
"product": {
"name": "CODESYS Runtime Toolkit 3.5.21.0\u003c3.5.21.40",
"product_id": "CSAFPID-51003"
}
},
{
"category": "product_version",
"name": "3.5.21.40",
"product": {
"name": "CODESYS Runtime Toolkit 3.5.21.40",
"product_id": "CSAFPID-52003"
}
}
],
"category": "product_name",
"name": "CODESYS Runtime Toolkit"
},
{
"branches": [
{
"category": "product_version_range",
"name": "4.15.0.0\u003c4.19.0.0",
"product": {
"name": "CODESYS Control for BeagleBone SL 4.15.0.0\u003c4.19.0.0",
"product_id": "CSAFPID-51004"
}
},
{
"category": "product_version",
"name": "4.19.0.0",
"product": {
"name": "CODESYS Control for BeagleBone SL 4.19.0.0",
"product_id": "CSAFPID-52004"
}
}
],
"category": "product_name",
"name": "CODESYS Control for BeagleBone SL"
},
{
"branches": [
{
"category": "product_version_range",
"name": "4.15.0.0\u003c4.19.0.0",
"product": {
"name": "CODESYS Control for emPC-A/iMX6 SL 4.15.0.0\u003c4.19.0.0",
"product_id": "CSAFPID-51005"
}
},
{
"category": "product_version",
"name": "4.19.0.0",
"product": {
"name": "CODESYS Control for emPC-A/iMX6 SL 4.19.0.0",
"product_id": "CSAFPID-52005"
}
}
],
"category": "product_name",
"name": "CODESYS Control for emPC-A/iMX6 SL"
},
{
"branches": [
{
"category": "product_version_range",
"name": "4.15.0.0\u003c4.19.0.0",
"product": {
"name": "CODESYS Control for IOT2000 SL 4.15.0.0\u003c4.19.0.0",
"product_id": "CSAFPID-51006"
}
},
{
"category": "product_version",
"name": "4.19.0.0",
"product": {
"name": "CODESYS Control for IOT2000 SL 4.19.0.0",
"product_id": "CSAFPID-52006"
}
}
],
"category": "product_name",
"name": "CODESYS Control for IOT2000 SL"
},
{
"branches": [
{
"category": "product_version_range",
"name": "4.15.0.0\u003c4.19.0.0",
"product": {
"name": "CODESYS Control for Linux ARM SL 4.15.0.0\u003c4.19.0.0",
"product_id": "CSAFPID-51007"
}
},
{
"category": "product_version",
"name": "4.19.0.0",
"product": {
"name": "CODESYS Control for Linux ARM SL 4.19.0.0",
"product_id": "CSAFPID-52007"
}
}
],
"category": "product_name",
"name": "CODESYS Control for Linux ARM SL"
},
{
"branches": [
{
"category": "product_version_range",
"name": "4.15.0.0\u003c4.19.0.0",
"product": {
"name": "CODESYS Control for Linux SL 4.15.0.0\u003c4.19.0.0",
"product_id": "CSAFPID-51008"
}
},
{
"category": "product_version",
"name": "4.19.0.0",
"product": {
"name": "CODESYS Control for Linux SL 4.19.0.0",
"product_id": "CSAFPID-52008"
}
}
],
"category": "product_name",
"name": "CODESYS Control for Linux SL"
},
{
"branches": [
{
"category": "product_version_range",
"name": "4.15.0.0\u003c4.19.0.0",
"product": {
"name": "CODESYS Control for PFC100 SL 4.15.0.0\u003c4.19.0.0",
"product_id": "CSAFPID-51009"
}
},
{
"category": "product_version",
"name": "4.19.0.0",
"product": {
"name": "CODESYS Control for PFC100 SL 4.19.0.0",
"product_id": "CSAFPID-52009"
}
}
],
"category": "product_name",
"name": "CODESYS Control for PFC100 SL"
},
{
"branches": [
{
"category": "product_version_range",
"name": "4.15.0.0\u003c4.19.0.0",
"product": {
"name": "CODESYS Control for PFC200 SL 4.15.0.0\u003c4.19.0.0",
"product_id": "CSAFPID-51010"
}
},
{
"category": "product_version",
"name": "4.19.0.0",
"product": {
"name": "CODESYS Control for PFC200 SL 4.19.0.0",
"product_id": "CSAFPID-52010"
}
}
],
"category": "product_name",
"name": "CODESYS Control for PFC200 SL"
},
{
"branches": [
{
"category": "product_version_range",
"name": "4.15.0.0\u003c4.19.0.0",
"product": {
"name": "CODESYS Control for PLCnext SL 4.15.0.0\u003c4.19.0.0",
"product_id": "CSAFPID-51011"
}
},
{
"category": "product_version",
"name": "4.19.0.0",
"product": {
"name": "CODESYS Control for PLCnext SL 4.19.0.0",
"product_id": "CSAFPID-52011"
}
}
],
"category": "product_name",
"name": "CODESYS Control for PLCnext SL"
},
{
"branches": [
{
"category": "product_version_range",
"name": "4.15.0.0\u003c4.19.0.0",
"product": {
"name": "CODESYS Control for Raspberry Pi SL 4.15.0.0\u003c4.19.0.0",
"product_id": "CSAFPID-51012"
}
},
{
"category": "product_version",
"name": "4.19.0.0",
"product": {
"name": "CODESYS Control for Raspberry Pi SL 4.19.0.0",
"product_id": "CSAFPID-52012"
}
}
],
"category": "product_name",
"name": "CODESYS Control for Raspberry Pi SL"
},
{
"branches": [
{
"category": "product_version_range",
"name": "4.15.0.0\u003c4.19.0.0",
"product": {
"name": "CODESYS Control for WAGO Touch Panels 600 SL 4.15.0.0\u003c4.19.0.0",
"product_id": "CSAFPID-51013"
}
},
{
"category": "product_version",
"name": "4.19.0.0",
"product": {
"name": "CODESYS Control for WAGO Touch Panels 600 SL 4.19.0.0",
"product_id": "CSAFPID-52013"
}
}
],
"category": "product_name",
"name": "CODESYS Control for WAGO Touch Panels 600 SL"
},
{
"branches": [
{
"category": "product_version_range",
"name": "4.15.0.0\u003c4.19.0.0",
"product": {
"name": "CODESYS Edge Gateway for Linux 4.15.0.0\u003c4.19.0.0",
"product_id": "CSAFPID-51014"
}
},
{
"category": "product_version",
"name": "4.19.0.0",
"product": {
"name": "CODESYS Edge Gateway for Linux 4.19.0.0",
"product_id": "CSAFPID-52014"
}
}
],
"category": "product_name",
"name": "CODESYS Edge Gateway for Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "4.15.0.0\u003c4.19.0.0",
"product": {
"name": "CODESYS TargetVisu for Linux SL 4.15.0.0\u003c4.19.0.0",
"product_id": "CSAFPID-51015"
}
},
{
"category": "product_version",
"name": "4.19.0.0",
"product": {
"name": "CODESYS TargetVisu for Linux SL 4.19.0.0",
"product_id": "CSAFPID-52015"
}
}
],
"category": "product_name",
"name": "CODESYS TargetVisu for Linux SL"
},
{
"branches": [
{
"category": "product_version_range",
"name": "4.15.0.0\u003c4.19.0.0",
"product": {
"name": "CODESYS Virtual Control SL 4.15.0.0\u003c4.19.0.0",
"product_id": "CSAFPID-51016"
}
},
{
"category": "product_version",
"name": "4.19.0.0",
"product": {
"name": "CODESYS Virtual Control SL 4.19.0.0",
"product_id": "CSAFPID-52016"
}
}
],
"category": "product_name",
"name": "CODESYS Virtual Control SL"
}
],
"category": "product_family",
"name": "Software"
}
],
"category": "vendor",
"name": "CODESYS"
}
],
"product_groups": [
{
"group_id": "CSAFGID-1001",
"product_ids": [
"CSAFPID-51001",
"CSAFPID-51002",
"CSAFPID-51003"
],
"summary": "Affected products v3.5.x."
},
{
"group_id": "CSAFGID-2001",
"product_ids": [
"CSAFPID-52001",
"CSAFPID-52002",
"CSAFPID-52003"
],
"summary": "Fixed products v3.5.x."
},
{
"group_id": "CSAFGID-1002",
"product_ids": [
"CSAFPID-51004",
"CSAFPID-51005",
"CSAFPID-51006",
"CSAFPID-51007",
"CSAFPID-51008",
"CSAFPID-51009",
"CSAFPID-51010",
"CSAFPID-51011",
"CSAFPID-51012",
"CSAFPID-51013",
"CSAFPID-51014",
"CSAFPID-51015",
"CSAFPID-51016"
],
"summary": "Affected products v4.x."
},
{
"group_id": "CSAFGID-2002",
"product_ids": [
"CSAFPID-52004",
"CSAFPID-52005",
"CSAFPID-52006",
"CSAFPID-52007",
"CSAFPID-52008",
"CSAFPID-52009",
"CSAFPID-52010",
"CSAFPID-52011",
"CSAFPID-52012",
"CSAFPID-52013",
"CSAFPID-52014",
"CSAFPID-52015",
"CSAFPID-52016"
],
"summary": "Fixed products v4.x."
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-41739",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "An unauthenticated remote attacker, who beats a race condition, can exploit a flaw in the communication servers of the CODESYS Control runtime system on Linux and QNX to trigger an out-of-bounds read via crafted socket communication, potentially causing a denial of service.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001",
"CSAFPID-52002",
"CSAFPID-52003",
"CSAFPID-52004",
"CSAFPID-52005",
"CSAFPID-52006",
"CSAFPID-52007",
"CSAFPID-52008",
"CSAFPID-52009",
"CSAFPID-52010",
"CSAFPID-52011",
"CSAFPID-52012",
"CSAFPID-52013",
"CSAFPID-52014",
"CSAFPID-52015",
"CSAFPID-52016"
],
"known_affected": [
"CSAFPID-51001",
"CSAFPID-51002",
"CSAFPID-51003",
"CSAFPID-51004",
"CSAFPID-51005",
"CSAFPID-51006",
"CSAFPID-51007",
"CSAFPID-51008",
"CSAFPID-51009",
"CSAFPID-51010",
"CSAFPID-51011",
"CSAFPID-51012",
"CSAFPID-51013",
"CSAFPID-51014",
"CSAFPID-51015",
"CSAFPID-51016"
]
},
"remediations": [
{
"category": "mitigation",
"details": "As the flaw resides in the SysSocketSelect() implementation, which has been switched to a poll()-based approach by default since version 3.5.21.0, the following setting can be added to the configuration file of the affected product (e.g., CODESYSControl.cfg) to revert to the select()-based implementation:\n\n[SysSocket]\nLinuxSelectPoll=1\n\nNote: On Linux select() is limited to less than 1024 file descriptors.",
"group_ids": [
"CSAFGID-1001",
"CSAFGID-1002"
]
},
{
"category": "vendor_fix",
"details": "Update the following products to version 3.5.21.40.\n* CODESYS PLCHandler\n* CODESYS Remote Target Visu\n* CODESYS Runtime Toolkit\n\nThe CODESYS Development System and the products available as CODESYS add-ons can be downloaded and installed directly with the CODESYS Installer or be downloaded from the CODESYS Store. Alternatively, as well as for all other products, you will find further information on obtaining the software update in the CODESYS Update area https://www.codesys.com/download/.",
"group_ids": [
"CSAFGID-1001"
]
},
{
"category": "vendor_fix",
"details": "Update the following products to version 4.19.0.0.\n* CODESYS Control for BeagleBone SL\n* CODESYS Control for emPC-A/iMX6 SL\n* CODESYS Control for IOT2000 SL\n* CODESYS Control for Linux ARM SL\n* CODESYS Control for Linux SL\n* CODESYS Control for PFC100 SL\n* CODESYS Control for PFC200 SL\n* CODESYS Control for PLCnext SL\n* CODESYS Control for Raspberry Pi SL\n* CODESYS Control for WAGO Touch Panels 600 SL\n* CODESYS Edge Gateway for Linux\n* CODESYS TargetVisu for Linux SL\n* CODESYS Virtual Control SL \n\nThe CODESYS Development System and the products available as CODESYS add-ons can be downloaded and installed directly with the CODESYS Installer or be downloaded from the CODESYS Store. Alternatively, as well as for all other products, you will find further information on obtaining the software update in the CODESYS Update area https://www.codesys.com/download/. ",
"group_ids": [
"CSAFGID-1002"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.9,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.9,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51001",
"CSAFPID-51002",
"CSAFPID-51003",
"CSAFPID-51004",
"CSAFPID-51005",
"CSAFPID-51006",
"CSAFPID-51007",
"CSAFPID-51008",
"CSAFPID-51009",
"CSAFPID-51010",
"CSAFPID-51011",
"CSAFPID-51012",
"CSAFPID-51013",
"CSAFPID-51014",
"CSAFPID-51015",
"CSAFPID-51016"
]
}
],
"title": "CODESYS Control - Linux/QNX SysSocket flaw"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…