Vulnerability-Lookup

CVE-2022-31803 (GCVE-0-2022-31803)

Vulnerability from cvelistv5 – Published: 2022-06-24 07:46 – Updated: 2024-09-16 20:01

Title

CODESYS Gateway Server V2 prone to Denial of Service Attack

Summary

In CODESYS Gateway Server V2 an insufficient check for the activity of TCP client connections allows an unauthenticated attacker to consume all available TCP connections and prevent legitimate users or clients from establishing a new connection to the CODESYS Gateway Server V2. Existing connections are not affected and therefore remain intact.

Severity ?

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE

CWE-400 - Uncontrolled Resource Consumption

Assigner

CERTVDE

References

URL

	Vendor	Product	Version
	CODESYS	CODESYS Gateway Server V2	Affected: V2 , < V2.3.9.38 (custom)

VAR-202206-2040

Vulnerability from variot - Updated: 2025-07-04 22:38

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202206-2040",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "gateway",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "codesys",
        "version": "2.0"
      },
      {
        "model": "gateway",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "codesys",
        "version": "2.3.9.38"
      },
      {
        "model": "gateway",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "codesys",
        "version": "2.0  that\u0027s all  2.3.9.38"
      },
      {
        "model": "gateway",
        "scope": null,
        "trust": 0.8,
        "vendor": "codesys",
        "version": null
      },
      {
        "model": "gateway",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "codesys",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-011709"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-31803"
      }
    ]
  },
  "cve": "CVE-2022-31803",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2022-31803",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.9,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-423672",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "info@cert.vde.com",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2022-31803",
            "impactScore": 1.4,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "OTHER",
            "availabilityImpact": "Low",
            "baseScore": 5.3,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "JVNDB-2022-011709",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2022-31803",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "info@cert.vde.com",
            "id": "CVE-2022-31803",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2022-31803",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202206-2455",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-423672",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2022-31803",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-423672"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-31803"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-011709"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202206-2455"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-31803"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-31803"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "In CODESYS Gateway Server V2 an insufficient check for the activity of TCP client connections allows an unauthenticated attacker to consume all available TCP connections and prevent legitimate users or clients from establishing a new connection to the CODESYS Gateway Server V2. Existing connections are not affected and therefore remain intact. CODESYS GmbH of CODESYS Gateway Exists in a resource exhaustion vulnerability.Service operation interruption (DoS) It may be in a state",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2022-31803"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-011709"
      },
      {
        "db": "VULHUB",
        "id": "VHN-423672"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-31803"
      }
    ],
    "trust": 1.8
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2022-31803",
        "trust": 3.4
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-25-182-03",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU97192309",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-011709",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202206-2455",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-423672",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-31803",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-423672"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-31803"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-011709"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202206-2455"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-31803"
      }
    ]
  },
  "id": "VAR-202206-2040",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-423672"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2025-07-04T22:38:02.113000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "CODESYS Gateway Server Remediation of resource management error vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=197311"
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202206-2455"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-400",
        "trust": 1.1
      },
      {
        "problemtype": "Resource exhaustion (CWE-400) [ others ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-423672"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-011709"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-31803"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "https://customers.codesys.com/index.php?eid=dumpfile\u0026t=f\u0026f=17141\u0026token=17867e35cfd30c77ba0137f9a17b3a557a4b7b66\u0026download="
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu97192309/index.html"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-31803"
      },
      {
        "trust": 0.8,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-182-03"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2022-31803/"
      },
      {
        "trust": 0.1,
        "url": "https://customers.codesys.com/index.php?eid=dumpfile\u0026amp;t=f\u0026amp;f=17141\u0026amp;token=17867e35cfd30c77ba0137f9a17b3a557a4b7b66\u0026amp;download="
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/400.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-423672"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-31803"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-011709"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202206-2455"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-31803"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-423672"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-31803"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-011709"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202206-2455"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-31803"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-06-24T00:00:00",
        "db": "VULHUB",
        "id": "VHN-423672"
      },
      {
        "date": "2022-06-24T00:00:00",
        "db": "VULMON",
        "id": "CVE-2022-31803"
      },
      {
        "date": "2023-08-23T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-011709"
      },
      {
        "date": "2022-06-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202206-2455"
      },
      {
        "date": "2022-06-24T08:15:07.463000",
        "db": "NVD",
        "id": "CVE-2022-31803"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-07-01T00:00:00",
        "db": "VULHUB",
        "id": "VHN-423672"
      },
      {
        "date": "2022-07-01T00:00:00",
        "db": "VULMON",
        "id": "CVE-2022-31803"
      },
      {
        "date": "2025-07-03T05:54:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-011709"
      },
      {
        "date": "2022-07-04T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202206-2455"
      },
      {
        "date": "2022-07-01T13:34:36.227000",
        "db": "NVD",
        "id": "CVE-2022-31803"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202206-2455"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "CODESYS\u00a0GmbH\u00a0 of \u00a0CODESYS\u00a0Gateway\u00a0 Resource exhaustion vulnerability in",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-011709"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "resource management error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202206-2455"
      }
    ],
    "trust": 0.6
  }
}

FSA-202406

Vulnerability from csaf_festosecokg - Published: 2024-12-03 11:00 - Updated: 2024-12-03 14:00

Summary

Several Codesys Gateway v2 vulnerabilities in Codesys provided by Festo

Notes

General Recommendation: As part of a security strategy, Festo recommends the following general defense measures to reduce the risk of exploits: - Use controllers and devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside - Use firewalls to protect and separate the control system network from other networks - Use VPN (Virtual Private Networks) tunnels if remote access is required - Activate and apply user management and password features - Use encrypted communication links - Limit the access to both development and control system by physical means, operating system features, etc. - Protect both development and control system by using up to date virus detecting solutions Festo strongly recommends to minimize and protect network access to connected devices with state of the art techniques and processes. For a secure operation follow the recommendations in the product manuals.

Summary: An unauthenticated attacker would be able to send crafted requests to cause the CODESYS Gateway Server V2 to allocate excessive memory or consume all available TCP client connections. Besides, passwords are insufficiently checked during login. All versions of the following CODESYS V2 product prior version V2.3.9.38 are affected: • CODESYS Gateway Server

Disclaimer: Festo assumes no liability whatsoever for indirect, collateral, accidental or consequential losses that occur by the distribution and/or use of this document or any losses in connection with the distribution and/or use of this document. All information published in this document is provided free of charge and on good faith by Festo. Insofar as permissible by law, however, none of this information shall establish any warranty, guarantee, commitment or liability on the part of Festo. Note: In no case does these information release the operator or responsible person from the obligation to check the effect on his system or installation before using the information and, in the event of negative consequences, not to use the information. In addition, the actual general terms and conditions of Festo for delivery, payment and software use shall apply, available under http://www.festo.com.

Impact: The identified vulnerabilities could lead to denial-of-service attacks, exhaustion of TCP connections, and unauthorized access to the system.

Mitigation: For all CVEs: Enable password protection at login in case no password is set at the controller. Please note that the password configuration file is not covered via default FFT backup & Restore mechanism, you must select the related file manually.

CVE-2022-31802

In CODESYS Gateway Server V2 for versions prior to V2.3.9.38 only a part of the the specified password is been compared to the real CODESYS Gateway password. An attacker may perform authentication by specifying a small password that matches the corresponding part of the longer real CODESYS Gateway password.

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-187 - Partial String Comparison

Mitigation Enable password protection at login in case no password is set at the controller. Please note that the password configuration file is not covered by the default FFT backup and restore mechanism. You must select the related file manually.

CVE-2022-31803

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE-400 - Uncontrolled Resource Consumption

CVE-2022-31804

The CODESYS Gateway Server V2 does not verifiy that the size of a request is within expected limits. An unauthenticated attacker may allocate an arbitrary amount of memory, which may lead to a crash of the Gateway due to an out-of-memory condition.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-789 - Memory Allocation with Excessive Size Value

References

URL

GHSA-9348-VPWC-CH78

Vulnerability from github – Published: 2022-06-25 00:01 – Updated: 2022-06-25 00:01

Details

Severity ?

5.3 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-31803"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-06-24T08:15:00Z",
    "severity": "MODERATE"
  },
  "details": "In CODESYS Gateway Server V2 an insufficient check for the activity of TCP client connections allows an unauthenticated attacker to consume all available TCP connections and prevent legitimate users or clients from establishing a new connection to the CODESYS Gateway Server V2. Existing connections are not affected and therefore remain intact.",
  "id": "GHSA-9348-vpwc-ch78",
  "modified": "2022-06-25T00:01:01Z",
  "published": "2022-06-25T00:01:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31803"
    },
    {
      "type": "WEB",
      "url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17141\u0026token=17867e35cfd30c77ba0137f9a17b3a557a4b7b66\u0026download="
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2022-31803

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2022-31803

Aliases

CVE-2022-31803

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-31803",
    "description": "In CODESYS Gateway Server V2 an insufficient check for the activity of TCP client connections allows an unauthenticated attacker to consume all available TCP connections and prevent legitimate users or clients from establishing a new connection to the CODESYS Gateway Server V2. Existing connections are not affected and therefore remain intact.",
    "id": "GSD-2022-31803"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-31803"
      ],
      "details": "In CODESYS Gateway Server V2 an insufficient check for the activity of TCP client connections allows an unauthenticated attacker to consume all available TCP connections and prevent legitimate users or clients from establishing a new connection to the CODESYS Gateway Server V2. Existing connections are not affected and therefore remain intact.",
      "id": "GSD-2022-31803",
      "modified": "2023-12-13T01:19:18.328027Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "info@cert.vde.com",
        "DATE_PUBLIC": "2022-06-09T07:54:00.000Z",
        "ID": "CVE-2022-31803",
        "STATE": "PUBLIC",
        "TITLE": "CODESYS Gateway Server V2 prone to Denial of Service Attack"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "CODESYS Gateway Server V2",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "V2",
                          "version_value": "V2.3.9.38"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "CODESYS"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "In CODESYS Gateway Server V2 an insufficient check for the activity of TCP client connections allows an unauthenticated attacker to consume all available TCP connections and prevent legitimate users or clients from establishing a new connection to the CODESYS Gateway Server V2. Existing connections are not affected and therefore remain intact."
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-400 Uncontrolled Resource Consumption"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17141\u0026token=17867e35cfd30c77ba0137f9a17b3a557a4b7b66\u0026download=",
            "refsource": "CONFIRM",
            "url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17141\u0026token=17867e35cfd30c77ba0137f9a17b3a557a4b7b66\u0026download="
          }
        ]
      },
      "source": {
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:codesys:gateway:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.3.9.38",
                "versionStartIncluding": "2.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "info@cert.vde.com",
          "ID": "CVE-2022-31803"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "In CODESYS Gateway Server V2 an insufficient check for the activity of TCP client connections allows an unauthenticated attacker to consume all available TCP connections and prevent legitimate users or clients from establishing a new connection to the CODESYS Gateway Server V2. Existing connections are not affected and therefore remain intact."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17141\u0026token=17867e35cfd30c77ba0137f9a17b3a557a4b7b66\u0026download=",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17141\u0026token=17867e35cfd30c77ba0137f9a17b3a557a4b7b66\u0026download="
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 1.4
        }
      },
      "lastModifiedDate": "2022-07-01T13:34Z",
      "publishedDate": "2022-06-24T08:15Z"
    }
  }
}

FKIE_CVE-2022-31803

Vulnerability from fkie_nvd - Published: 2022-06-24 08:15 - Updated: 2024-11-21 07:05

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Summary

References

	URL	Tags
	info@cert.vde.com	https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17141&token=17867e35cfd30c77ba0137f9a17b3a557a4b7b66&download=	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17141&token=17867e35cfd30c77ba0137f9a17b3a557a4b7b66&download=	Vendor Advisory

Impacted products

	Vendor	Product	Version
	codesys	gateway	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:codesys:gateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB2B49E7-1AE9-418A-AC9E-0166D16F38BD",
              "versionEndExcluding": "2.3.9.38",
              "versionStartIncluding": "2.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In CODESYS Gateway Server V2 an insufficient check for the activity of TCP client connections allows an unauthenticated attacker to consume all available TCP connections and prevent legitimate users or clients from establishing a new connection to the CODESYS Gateway Server V2. Existing connections are not affected and therefore remain intact."
    },
    {
      "lang": "es",
      "value": "En CODESYS Gateway Server versi\u00f3n V2, una comprobaci\u00f3n insuficiente de la actividad de las conexiones de clientes TCP permite a un atacante no autenticado consumir todas las conexiones TCP disponibles e impedir que los usuarios o clientes leg\u00edtimos establezcan una nueva conexi\u00f3n con CODESYS Gateway Server V2. Las conexiones existentes no est\u00e1n afectadas y, por tanto, permanecen intactas"
    }
  ],
  "id": "CVE-2022-31803",
  "lastModified": "2024-11-21T07:05:21.800",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "info@cert.vde.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2022-06-24T08:15:07.463",
  "references": [
    {
      "source": "info@cert.vde.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17141\u0026token=17867e35cfd30c77ba0137f9a17b3a557a4b7b66\u0026download="
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://customers.codesys.com/index.php?eID=dumpFile\u0026t=f\u0026f=17141\u0026token=17867e35cfd30c77ba0137f9a17b3a557a4b7b66\u0026download="
    }
  ],
  "sourceIdentifier": "info@cert.vde.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "info@cert.vde.com",
      "type": "Secondary"
    }
  ]
}

VDE-2022-040

Vulnerability from csaf_wagogmbhcokg - Published: 2022-10-17 08:00 - Updated: 2023-09-22 12:39

Summary

WAGO: Multiple Vulnerabilities in Controller with WAGO I/O-Pro / CODESYS 2.3 Runtime

Severity

Critical

Notes

Summary: UPDATE A: Solution has updated release datesUPDATE B: Solution has updated release datesThis Advisory is published with reference to: CODESYS Advisory 2022-11 (Security update for CODESYS Control V2) CODESYS Advisory 2022-12 (Security update for CODESYS V2 password transport) CODESYS Advisory 2022-13 (Security update for CODESYS Gateway V2)

Impact: From vulnerabilities CVE-2022-1965, CVE-2022-32136, CVE-2022-32137, CVE-2022-32138, CVE-2022-32139, CVE-2022-32140, CVE-2022-32141, CVE-2022-32142, CVE-2022-32143 (CODESYS Advisory 2022-11): By crafting special packets / requests a low skilled attacker can exploit the vulnerabilities. This can lead to denial-of-service conditions or deleting files. From vulnerabilities CVE-2022-31805, CVE-2022-31806 (CODESYS Advisory 2022-12): A low skilled attacker is able to gather insufficiently protected credentials having access to the communication between client and server. From vulnerabilities CVE-2022-31802, CVE-2022-31803, CVE-2022-31804 (CODESYS Advisory 2022-13): An attacker with low skills is able to gather insufficiently protected credentials having local access or access to the online communication traffic

Mitigation: For vulnerabilities CVE-2022-1965, CVE-2022-32136, CVE-2022-32137, CVE-2022-32138, CVE-2022-32139, CVE-2022-32140, CVE-2022-32141, CVE-2022-32142, CVE-2022-32143 (CODESYS Advisory 2022-11): - Activation of online user management, to prevent unallowed actions from unauthorized attackers - Setting strong passwords - Use e!Runtime or CODESYS V3 For vulnerabilities CVE-2022-31805, CVE-2022-31806 (CODESYS Advisory 2022-12): - Activation of online user management, to prevent unallowed actions from unauthorized attackers - Use encryption of online communication whenever possible, this protects password transmission.

Remediation: WAGO recommends that all affected users with WAGO I/O-PRO/CODESYS 2.3 PLCs update to the firmware and use the latest version of WAGO I/O-Pro as soon as it is available. Until the updates are available, we recommend switching off the CODESYS IP port 2455 after commissioning or, if this not possible, use a strong admin password. ### PFC200 Family | Ord. No. | Firmware | |-----------------------|----------------------------------| | 750-8202/xxx-xxx | UPDATE B: Available in Q1 2024 | | 750-8203/xxx-xxx | UPDATE B: Available in Q1 2024 | | 750-8204/xxx-xxx | UPDATE B: Available in Q1 2024 | | 750-8206/xxx-xxx | UPDATE B: Available in Q1 2024 | | 750-8207/xxx-xxx | UPDATE B: Available in Q1 2024 | | 750-8208/xxx-xxx | UPDATE B: Available in Q1 2024 | | 750-8210/xxx-xxx | UPDATE B: Available in Q1 2024 | | 750-8211/xxx-xxx | UPDATE B: Available in Q1 2024 | | 750-8212/xxx-xxx | UPDATE B: Available in Q1 2024 | | 750-8213/xxx-xxx | UPDATE B: Available in Q1 2024 | | 750-8214/xxx-xxx | UPDATE B: Available in Q1 2024 | | 750-8216/xxx-xxx | UPDATE B: Available in Q1 2024 | | 750-8217/xxx-xxx | UPDATE B: Available in Q1 2024 | ### Ethernet Controller 4th Generation Family – UPDATE B | Ord. No. | Firmware | |-----------------------|----------------------------------| | 750-823 | UPDATE B: Available in Q1 2024 | | 750-332 | UPDATE B: Available in Q1 2024 | | 750-832/xxx-xxx | UPDATE B: Available in Q1 2024 | | 750-862 | UPDATE B: Available in Q1 2024 | | 750-890/xxx-xxx | UPDATE B: Available in Q1 2024 | | 750-891 | UPDATE B: Available in Q1 2024 | | 750-893 | UPDATE B: Available in Q1 2024 | ### Ethernet Controller 3rd Generation Family – UPDATE B | Ord. No. | Firmware | |-----------------------|----------------------------------| | 750-331 | UPDATE B: Available in Q1 2024 | | 750-829 | UPDATE B: Available in Q1 2024 | | 750-831/xxx-xxx | UPDATE B: Available in Q1 2024 | | 750-852 | UPDATE B: Available in Q1 2024 | | 750-880/xxx-xxx | UPDATE B: Available in Q1 2024 | | 750-881 | UPDATE B: Available in Q1 2024 | | 750-882 | UPDATE B: Available in Q1 2024 | | 750-885/xxx-xxx | UPDATE B: Available in Q1 2024 | | 750-889 | UPDATE B: Available in Q1 2024 | ### Engineering Software | Name | Firmware | |------------------|----------------------------------| | WAGO-I/O-PRO 32 | UPDATE B: Available in Q1 2024 |

General Mitigation Recommendations: - Use controllers and devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside - Use firewalls to protect and separate the control system network from other networks - Use VPN (Virtual Private Networks) tunnels if remote access is required - Activate and apply user management and password features - Use encrypted communication links - Limit the access to both development and control system by physical means, operating system features, etc. - Protect both development and control system by using up to date virus detecting solutions For further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at www.codesys.com/security/security-reports.html

CVE-2022-31804

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-789 - Memory Allocation with Excessive Size Value

Mitigation For vulnerabilities CVE-2022-1965, CVE-2022-32136, CVE-2022-32137, CVE-2022-32138, CVE-2022-32139, CVE-2022-32140, CVE-2022-32141, CVE-2022-32142, CVE-2022-32143 (CODESYS Advisory 2022-11): - Activation of online user management, to prevent unallowed actions from unauthorized attackers - Setting strong passwords - Use e!Runtime or CODESYS V3 For vulnerabilities CVE-2022-31805, CVE-2022-31806 (CODESYS Advisory 2022-12): - Activation of online user management, to prevent unallowed actions from unauthorized attackers - Use encryption of online communication whenever possible, this protects password transmission.

Vendor Fix WAGO recommends that all affected users with WAGO I/O-PRO/CODESYS 2.3 PLCs update to the firmware and use the latest version of WAGO I/O-Pro as soon as it is available. Until the updates are available, we recommend switching off the CODESYS IP port 2455 after commissioning or, if this not possible, use a strong admin password. ### PFC200 Family | Ord. No. | Firmware | |-----------------------|----------------------------------| | 750-8202/xxx-xxx | UPDATE B: Available in Q1 2024 | | 750-8203/xxx-xxx | UPDATE B: Available in Q1 2024 | | 750-8204/xxx-xxx | UPDATE B: Available in Q1 2024 | | 750-8206/xxx-xxx | UPDATE B: Available in Q1 2024 | | 750-8207/xxx-xxx | UPDATE B: Available in Q1 2024 | | 750-8208/xxx-xxx | UPDATE B: Available in Q1 2024 | | 750-8210/xxx-xxx | UPDATE B: Available in Q1 2024 | | 750-8211/xxx-xxx | UPDATE B: Available in Q1 2024 | | 750-8212/xxx-xxx | UPDATE B: Available in Q1 2024 | | 750-8213/xxx-xxx | UPDATE B: Available in Q1 2024 | | 750-8214/xxx-xxx | UPDATE B: Available in Q1 2024 | | 750-8216/xxx-xxx | UPDATE B: Available in Q1 2024 | | 750-8217/xxx-xxx | UPDATE B: Available in Q1 2024 | ### Ethernet Controller 4th Generation Family – UPDATE B | Ord. No. | Firmware | |-----------------------|----------------------------------| | 750-823 | UPDATE B: Available in Q1 2024 | | 750-332 | UPDATE B: Available in Q1 2024 | | 750-832/xxx-xxx | UPDATE B: Available in Q1 2024 | | 750-862 | UPDATE B: Available in Q1 2024 | | 750-890/xxx-xxx | UPDATE B: Available in Q1 2024 | | 750-891 | UPDATE B: Available in Q1 2024 | | 750-893 | UPDATE B: Available in Q1 2024 | ### Ethernet Controller 3rd Generation Family – UPDATE B | Ord. No. | Firmware | |-----------------------|----------------------------------| | 750-331 | UPDATE B: Available in Q1 2024 | | 750-829 | UPDATE B: Available in Q1 2024 | | 750-831/xxx-xxx | UPDATE B: Available in Q1 2024 | | 750-852 | UPDATE B: Available in Q1 2024 | | 750-880/xxx-xxx | UPDATE B: Available in Q1 2024 | | 750-881 | UPDATE B: Available in Q1 2024 | | 750-882 | UPDATE B: Available in Q1 2024 | | 750-885/xxx-xxx | UPDATE B: Available in Q1 2024 | | 750-889 | UPDATE B: Available in Q1 2024 | ### Engineering Software | Name | Firmware | |------------------|----------------------------------| | WAGO-I/O-PRO 32 | UPDATE B: Available in Q1 2024 |

CVE-2022-31803

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE-400 - Uncontrolled Resource Consumption

CVE-2022-31802

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-187 - Partial String Comparison

CVE-2022-31806

In CODESYS V2 PLCWinNT and Runtime Toolkit 32 in versions prior to V2.4.7.57 password protection is not enabled by default and there is no information or prompt to enable password protection at login in case no password is set at the controller.

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-1188 - Initialization of a Resource with an Insecure Default

CVE-2022-31805

In the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between clients and servers unprotected.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-523 - Unprotected Transport of Credentials

CVE-2022-32143

In multiple CODESYS products, file download and upload function allows access to internal files in the working directory e.g. firmware files of the PLC. All requests are processed on the controller only if no level 1 password is configured on the controller or if remote attacker has previously successfully authenticated himself to the controller. A successful Attack may lead to a denial of service, change of local files, or drain of confidential Information. User interaction is not required

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-552 - Files or Directories Accessible to External Parties

CVE-2022-32142

Multiple CODESYS Products are prone to a out-of bounds read or write access. A low privileged remote attacker may craft a request with invalid offset, which can cause an out-of-bounds read or write access, resulting in denial-of-service condition or local memory overwrite, which can lead to a change of local files. User interaction is not required.

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

CWE-823 - Use of Out-of-range Pointer Offset

CVE-2022-32141

Multiple CODESYS Products are prone to a buffer over read. A low privileged remote attacker may craft a request with an invalid offset, which can cause an internal buffer over-read, resulting in a denial-of-service condition. User interaction is not required.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-125 - Out-of-bounds Read

CVE-2022-32140

Multiple CODESYS products are affected to a buffer overflow.A low privileged remote attacker may craft a request, which can cause a buffer copy without checking the size of the service, resulting in a denial-of-service condition. User Interaction is not required.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2022-32139

In multiple CODESYS products, a low privileged remote attacker may craft a request, which cause an out-of-bounds read, resulting in a denial-of-service condition. User Interaction is not required.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-125 - Out-of-bounds Read

CVE-2022-32138

In multiple CODESYS products, a remote attacker may craft a request which may cause an unexpected sign extension, resulting in a denial-of-service condition or memory overwrite.

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-194 - Unexpected Sign Extension

CVE-2022-32137

In multiple CODESYS products, a low privileged remote attacker may craft a request, which may cause a heap-based buffer overflow, resulting in a denial-of-service condition or memory overwrite. User interaction is not required.

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-122 - Heap-based Buffer Overflow

CVE-2022-32136

In multiple CODESYS products, a low privileged remote attacker may craft a request that cause a read access to an uninitialized pointer, resulting in a denial-of-service. User interaction is not required.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-824 - Access of Uninitialized Pointer

CVE-2022-1965

Multiple products of CODESYS implement a improper error handling. A low privilege remote attacker may craft a request, which is not properly processed by the error handling. In consequence, the file referenced by the request could be deleted. User interaction is not required.

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

CWE-755 - Improper Handling of Exceptional Conditions

References

URL

Category

	https://certvde.com/en/advisories/VDE-2022-040/	self
	https://wago.csaf-tp.certvde.com/.well-known/csaf…	self
	https://www.wago.com/psirt	external
	https://certvde.com/en/advisories/vendor/wago/	external

Acknowledgments

CERT@VDE certvde.com

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "CERT@VDE",
        "summary": "coordination",
        "urls": [
          "https://certvde.com"
        ]
      }
    ],
    "aggregate_severity": {
      "namespace": "https://www.first.org/cvss/v3.1/specification-document#Qualitative-Severity-Rating-Scale",
      "text": "Critical"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-GB",
    "notes": [
      {
        "category": "summary",
        "text": "UPDATE A: Solution has updated release datesUPDATE B: Solution has updated release datesThis Advisory is published with reference to:\n\nCODESYS Advisory 2022-11 (Security update for CODESYS Control V2)\nCODESYS Advisory 2022-12 (Security update for CODESYS V2 password transport)\nCODESYS Advisory 2022-13 (Security update for CODESYS Gateway V2)",
        "title": "Summary"
      },
      {
        "category": "description",
        "text": "From vulnerabilities CVE-2022-1965, CVE-2022-32136, CVE-2022-32137, CVE-2022-32138, CVE-2022-32139, CVE-2022-32140, CVE-2022-32141, CVE-2022-32142, CVE-2022-32143 (CODESYS Advisory 2022-11):\nBy crafting special packets / requests a low skilled attacker can exploit the vulnerabilities. This can lead to denial-of-service conditions or deleting files.\n\nFrom vulnerabilities CVE-2022-31805, CVE-2022-31806 (CODESYS Advisory 2022-12):\nA low skilled attacker is able to gather insufficiently protected credentials having access to the communication between client and server.\n\nFrom vulnerabilities CVE-2022-31802, CVE-2022-31803, CVE-2022-31804 (CODESYS Advisory 2022-13):\nAn attacker with low skills is able to gather insufficiently protected credentials having local access or access to the online communication traffic",
        "title": "Impact"
      },
      {
        "category": "description",
        "text": "For vulnerabilities CVE-2022-1965, CVE-2022-32136, CVE-2022-32137, CVE-2022-32138, CVE-2022-32139, CVE-2022-32140, CVE-2022-32141, CVE-2022-32142, CVE-2022-32143 (CODESYS Advisory 2022-11):\n- Activation of online user management, to prevent unallowed actions from unauthorized attackers\n- Setting strong passwords\n- Use e!Runtime or CODESYS V3\n\nFor vulnerabilities CVE-2022-31805, CVE-2022-31806 (CODESYS Advisory 2022-12):\n\n- Activation of online user management, to prevent unallowed actions from unauthorized attackers\n\n- Use encryption of online communication whenever possible, this protects password transmission.",
        "title": "Mitigation"
      },
      {
        "category": "description",
        "text": "WAGO recommends that all affected users with WAGO I/O-PRO/CODESYS 2.3 PLCs update to the firmware and use the latest version of WAGO I/O-Pro as soon as it is available.\nUntil the updates are available, we recommend switching off the CODESYS IP port 2455 after commissioning or, if this not possible, use a strong admin password.\n\n### PFC200 Family\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-8202/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8203/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8204/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8206/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8207/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8208/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8210/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8211/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8212/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8213/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8214/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8216/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8217/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n\n### Ethernet Controller 4th Generation Family \u2013 UPDATE B\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-823               | UPDATE B: Available in Q1 2024   |\n| 750-332               | UPDATE B: Available in Q1 2024   |\n| 750-832/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-862               | UPDATE B: Available in Q1 2024   |\n| 750-890/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-891               | UPDATE B: Available in Q1 2024   |\n| 750-893               | UPDATE B: Available in Q1 2024   |\n\n### Ethernet Controller 3rd Generation Family \u2013 UPDATE B\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-331               | UPDATE B: Available in Q1 2024   |\n| 750-829               | UPDATE B: Available in Q1 2024   |\n| 750-831/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-852               | UPDATE B: Available in Q1 2024   |\n| 750-880/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-881               | UPDATE B: Available in Q1 2024   |\n| 750-882               | UPDATE B: Available in Q1 2024   |\n| 750-885/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-889               | UPDATE B: Available in Q1 2024   |\n\n### Engineering Software\n\n| Name             | Firmware                         |\n|------------------|----------------------------------|\n| WAGO-I/O-PRO 32  | UPDATE B: Available in Q1 2024   |",
        "title": "Remediation"
      },
      {
        "category": "general",
        "text": "- Use controllers and devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside\n\n- Use firewalls to protect and separate the control system network from other networks\n\n- Use VPN (Virtual Private Networks) tunnels if remote access is required\n\n- Activate and apply user management and password features\n\n- Use encrypted communication links\n\n- Limit the access to both development and control system by physical means, operating system features, etc.\n\n- Protect both development and control system by using up to date virus detecting solutions\n\nFor further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at\nwww.codesys.com/security/security-reports.html",
        "title": "General Mitigation Recommendations"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@wago.com",
      "name": "WAGO GmbH \u0026 Co. KG",
      "namespace": "https://www.wago.com/psirt"
    },
    "references": [
      {
        "category": "self",
        "summary": "VDE-2022-040: WAGO: Multiple Vulnerabilities in Controller with WAGO I/O-Pro / CODESYS 2.3 Runtime - HTML",
        "url": "https://certvde.com/en/advisories/VDE-2022-040/"
      },
      {
        "category": "self",
        "summary": "VDE-2022-040: WAGO: Multiple Vulnerabilities in Controller with WAGO I/O-Pro / CODESYS 2.3 Runtime - CSAF",
        "url": "https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2022/vde-2022-040.json"
      },
      {
        "category": "external",
        "summary": "WAGO PSIRT",
        "url": "https://www.wago.com/psirt"
      },
      {
        "category": "external",
        "summary": "CERT@VDE Security Advisories for WAGO GmbH \u0026 Co. KG",
        "url": "https://certvde.com/en/advisories/vendor/wago/"
      }
    ],
    "title": "WAGO: Multiple Vulnerabilities in Controller with WAGO I/O-Pro / CODESYS 2.3 Runtime",
    "tracking": {
      "aliases": [
        "VDE-2022-040"
      ],
      "current_release_date": "2023-09-22T12:39:00.000Z",
      "generator": {
        "date": "2025-06-16T07:38:21.972Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.27"
        }
      },
      "id": "VDE-2022-040",
      "initial_release_date": "2022-10-17T08:00:00.000Z",
      "revision_history": [
        {
          "date": "2022-10-17T08:00:00.000Z",
          "number": "1.0.0",
          "summary": "Initial revision."
        },
        {
          "date": "2023-09-22T12:39:00.000Z",
          "number": "1.1.0",
          "summary": "Solution has updated"
        }
      ],
      "status": "final",
      "version": "1.1.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "750-331",
                "product": {
                  "name": "750-331",
                  "product_id": "CSAFPID-11001"
                }
              },
              {
                "category": "product_name",
                "name": "750-829",
                "product": {
                  "name": "750-829",
                  "product_id": "CSAFPID-11002"
                }
              },
              {
                "category": "product_name",
                "name": "750-831/xxx-xxx",
                "product": {
                  "name": "750-831/xxx-xxx",
                  "product_id": "CSAFPID-11003"
                }
              },
              {
                "category": "product_name",
                "name": "750-852",
                "product": {
                  "name": "750-852",
                  "product_id": "CSAFPID-11004"
                }
              },
              {
                "category": "product_name",
                "name": "750-881",
                "product": {
                  "name": "750-881",
                  "product_id": "CSAFPID-11005"
                }
              },
              {
                "category": "product_name",
                "name": "750-882",
                "product": {
                  "name": "750-882",
                  "product_id": "CSAFPID-11006"
                }
              },
              {
                "category": "product_name",
                "name": "750-885/xxx-xxx",
                "product": {
                  "name": "750-885/xxx-xxx",
                  "product_id": "CSAFPID-11007"
                }
              },
              {
                "category": "product_name",
                "name": "750-889",
                "product": {
                  "name": "750-889",
                  "product_id": "CSAFPID-11008"
                }
              },
              {
                "category": "product_name",
                "name": "750-880/xxx-xxx",
                "product": {
                  "name": "750-880/xxx-xxx",
                  "product_id": "CSAFPID-11009"
                }
              },
              {
                "category": "product_name",
                "name": "750-823",
                "product": {
                  "name": "750-823",
                  "product_id": "CSAFPID-11010"
                }
              },
              {
                "category": "product_name",
                "name": "750-332",
                "product": {
                  "name": "750-332",
                  "product_id": "CSAFPID-11011"
                }
              },
              {
                "category": "product_name",
                "name": "750-832/xxx-xxx",
                "product": {
                  "name": "750-832/xxx-xxx",
                  "product_id": "CSAFPID-11012"
                }
              },
              {
                "category": "product_name",
                "name": "750-862",
                "product": {
                  "name": "750-862",
                  "product_id": "CSAFPID-11013"
                }
              },
              {
                "category": "product_name",
                "name": "750-890/xxx-xxx",
                "product": {
                  "name": "750-890/xxx-xxx",
                  "product_id": "CSAFPID-11014"
                }
              },
              {
                "category": "product_name",
                "name": "750-891",
                "product": {
                  "name": "750-891",
                  "product_id": "CSAFPID-11015"
                }
              },
              {
                "category": "product_name",
                "name": "750-893",
                "product": {
                  "name": "750-893",
                  "product_id": "CSAFPID-11016"
                }
              },
              {
                "category": "product_name",
                "name": "PFC200",
                "product": {
                  "name": "PFC200",
                  "product_id": "CSAFPID-11017",
                  "product_identification_helper": {
                    "model_numbers": [
                      "750-8206/xxx-xxx",
                      "750-8204/xxx-xxx",
                      "750-8203/xxx-xxx",
                      "750-8214/xxx-xxx",
                      "750-8213/xxx-xxx",
                      "750-8212/xxx-xxx",
                      "750-8211/xxx-xxx",
                      "750-8216/xxx-xxx",
                      "750-8217/xxx-xxx",
                      "750-8210/xxx-xxx",
                      "750-8208/xxx-xxx",
                      "750-8202/xxx-xxx",
                      "750-8207/xxx-xxx"
                    ]
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Hardware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=01.08.25(16)",
                "product": {
                  "name": "Firmware \u003c=01.08.25(16)",
                  "product_id": "CSAFPID-21002"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=01.03.25(16)",
                "product": {
                  "name": "Firmware \u003c=01.03.25(16)",
                  "product_id": "CSAFPID-21003"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=01.07.25(16)",
                "product": {
                  "name": "Firmware \u003c=01.07.25(16)",
                  "product_id": "CSAFPID-21004"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=01.09.25(16)",
                "product": {
                  "name": "Firmware \u003c=01.09.25(16)",
                  "product_id": "CSAFPID-21005"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=01.04.16(14)",
                "product": {
                  "name": "Firmware \u003c=01.04.16(14)",
                  "product_id": "CSAFPID-21006"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=01.02.16(06)",
                "product": {
                  "name": "Firmware \u003c=01.02.16(06)",
                  "product_id": "CSAFPID-21007"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=01.05.04(10)",
                "product": {
                  "name": "Firmware \u003c=01.05.04(10)",
                  "product_id": "CSAFPID-21008"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=03.10.08(22)",
                "product": {
                  "name": "Firmware \u003c=03.10.08(22)",
                  "product_id": "CSAFPID-21009"
                }
              },
              {
                "category": "product_version",
                "name": "FW17",
                "product": {
                  "name": "Firmware FW17",
                  "product_id": "CSAFPID-22001"
                }
              },
              {
                "category": "product_version",
                "name": "FW11 with BACnet Certification",
                "product": {
                  "name": "Firmware FW11 with BACnet Certification",
                  "product_id": "CSAFPID-22002"
                }
              },
              {
                "category": "product_version",
                "name": "FW11",
                "product": {
                  "name": "Firmware FW11",
                  "product_id": "CSAFPID-22003"
                }
              }
            ],
            "category": "product_family",
            "name": "Firmware"
          },
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "\u003c=2.3.9.68",
                    "product": {
                      "name": "Engineering Software \u003c=2.3.9.68",
                      "product_id": "CSAFPID-51001",
                      "product_identification_helper": {
                        "model_numbers": [
                          "WAGO-I/O-PRO"
                        ]
                      }
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "2.3.9.70",
                    "product": {
                      "name": "Engineering Software 2.3.9.70",
                      "product_id": "CSAFPID-52001"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Engineering Software"
              }
            ],
            "category": "product_family",
            "name": "Software"
          }
        ],
        "category": "vendor",
        "name": "Wago"
      }
    ],
    "product_groups": [
      {
        "group_id": "CSAFGID-0001",
        "product_ids": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009",
          "CSAFPID-31010",
          "CSAFPID-31011",
          "CSAFPID-31012",
          "CSAFPID-31013",
          "CSAFPID-31014",
          "CSAFPID-31015",
          "CSAFPID-31016",
          "CSAFPID-31017"
        ],
        "summary": "Affected products."
      },
      {
        "group_id": "CSAFGID-0002",
        "product_ids": [
          "CSAFPID-32001",
          "CSAFPID-32002",
          "CSAFPID-32003",
          "CSAFPID-32004",
          "CSAFPID-32005",
          "CSAFPID-32006",
          "CSAFPID-32007",
          "CSAFPID-32008",
          "CSAFPID-32009",
          "CSAFPID-32010",
          "CSAFPID-32011",
          "CSAFPID-32012",
          "CSAFPID-32013",
          "CSAFPID-32014"
        ],
        "summary": "Fixed products."
      }
    ],
    "relationships": [
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.04.16(14) installed on 750-331",
          "product_id": "CSAFPID-31001"
        },
        "product_reference": "CSAFPID-21006",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.04.16(14) installed on 750-829",
          "product_id": "CSAFPID-31002"
        },
        "product_reference": "CSAFPID-21006",
        "relates_to_product_reference": "CSAFPID-11002"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.04.16(14) installed on 750-831/xxx-xxx",
          "product_id": "CSAFPID-31003"
        },
        "product_reference": "CSAFPID-21006",
        "relates_to_product_reference": "CSAFPID-11003"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.09.25(16) installed on 750-852",
          "product_id": "CSAFPID-31004"
        },
        "product_reference": "CSAFPID-21005",
        "relates_to_product_reference": "CSAFPID-11004"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.09.25(16) installed on 750-881",
          "product_id": "CSAFPID-31005"
        },
        "product_reference": "CSAFPID-21005",
        "relates_to_product_reference": "CSAFPID-11005"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.08.25(16) installed on 750-882",
          "product_id": "CSAFPID-31006"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11006"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.07.25(16) installed on 750-885/xxx-xxx",
          "product_id": "CSAFPID-31007"
        },
        "product_reference": "CSAFPID-21004",
        "relates_to_product_reference": "CSAFPID-11007"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.03.25(16) installed on 750-889",
          "product_id": "CSAFPID-31008"
        },
        "product_reference": "CSAFPID-21003",
        "relates_to_product_reference": "CSAFPID-11008"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.08.25(16) installed on 750-880/xxx-xxx",
          "product_id": "CSAFPID-31009"
        },
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11009"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.05.04(10) installed on 750-823",
          "product_id": "CSAFPID-31010"
        },
        "product_reference": "CSAFPID-21008",
        "relates_to_product_reference": "CSAFPID-11010"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.02.16(06) installed on 750-332",
          "product_id": "CSAFPID-31011"
        },
        "product_reference": "CSAFPID-21007",
        "relates_to_product_reference": "CSAFPID-11011"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.02.16(06) installed on 750-832/xxx-xxx",
          "product_id": "CSAFPID-31012"
        },
        "product_reference": "CSAFPID-21007",
        "relates_to_product_reference": "CSAFPID-11012"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.05.04(10) installed on 750-862",
          "product_id": "CSAFPID-31013"
        },
        "product_reference": "CSAFPID-21008",
        "relates_to_product_reference": "CSAFPID-11013"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.05.04(10) installed on 750-890/xxx-xxx",
          "product_id": "CSAFPID-31014"
        },
        "product_reference": "CSAFPID-21008",
        "relates_to_product_reference": "CSAFPID-11014"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.05.04(10) installed on 750-891",
          "product_id": "CSAFPID-31015"
        },
        "product_reference": "CSAFPID-21008",
        "relates_to_product_reference": "CSAFPID-11015"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=01.05.04(10) installed on 750-893",
          "product_id": "CSAFPID-31016"
        },
        "product_reference": "CSAFPID-21008",
        "relates_to_product_reference": "CSAFPID-11016"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=03.10.08(22) installed on PFC200",
          "product_id": "CSAFPID-31017"
        },
        "product_reference": "CSAFPID-21009",
        "relates_to_product_reference": "CSAFPID-11017"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware FW11 installed on 750-823",
          "product_id": "CSAFPID-32001"
        },
        "product_reference": "CSAFPID-22003",
        "relates_to_product_reference": "CSAFPID-11010"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware FW11 after BACnet Certification installed on 750-332",
          "product_id": "CSAFPID-32002"
        },
        "product_reference": "CSAFPID-22002",
        "relates_to_product_reference": "CSAFPID-11011"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware FW11 after BACnet Certification installed on 750-832/xxx-xxx",
          "product_id": "CSAFPID-32003"
        },
        "product_reference": "CSAFPID-22002",
        "relates_to_product_reference": "CSAFPID-11012"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware FW11 installed on 750-862",
          "product_id": "CSAFPID-32004"
        },
        "product_reference": "CSAFPID-22003",
        "relates_to_product_reference": "CSAFPID-11013"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware FW11 installed on 750-890/xxx-xxx",
          "product_id": "CSAFPID-32005"
        },
        "product_reference": "CSAFPID-22003",
        "relates_to_product_reference": "CSAFPID-11014"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware FW11 installed on 750-891",
          "product_id": "CSAFPID-32006"
        },
        "product_reference": "CSAFPID-22003",
        "relates_to_product_reference": "CSAFPID-11015"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware FW11 installed on 750-893",
          "product_id": "CSAFPID-32007"
        },
        "product_reference": "CSAFPID-22003",
        "relates_to_product_reference": "CSAFPID-11016"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware FW17 installed on 750-829",
          "product_id": "CSAFPID-32008"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11002"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware FW17 installed on 750-852",
          "product_id": "CSAFPID-32009"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11004"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware FW17 installed on 750-880/xxx-xxx",
          "product_id": "CSAFPID-32010"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11009"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware FW17 installed on 750-881",
          "product_id": "CSAFPID-32011"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11005"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware FW17 installed on 750-882",
          "product_id": "CSAFPID-32012"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11006"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware FW17 installed on 750-885/xxx-xxx",
          "product_id": "CSAFPID-32013"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11007"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware FW17 installed on 750-889",
          "product_id": "CSAFPID-32014"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11008"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-31804",
      "cwe": {
        "id": "CWE-789",
        "name": "Memory Allocation with Excessive Size Value"
      },
      "notes": [
        {
          "category": "description",
          "text": "The CODESYS Gateway Server V2 does not verifiy that the size of a request is within expected limits. An unauthenticated attacker may allocate an arbitrary amount of memory, which may lead to a crash of the Gateway due to an out-of-memory condition.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002",
          "CSAFPID-32003",
          "CSAFPID-32004",
          "CSAFPID-32005",
          "CSAFPID-32006",
          "CSAFPID-32007",
          "CSAFPID-32008",
          "CSAFPID-32009",
          "CSAFPID-32010",
          "CSAFPID-32011",
          "CSAFPID-32012",
          "CSAFPID-32013",
          "CSAFPID-32014"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009",
          "CSAFPID-31010",
          "CSAFPID-31011",
          "CSAFPID-31012",
          "CSAFPID-31013",
          "CSAFPID-31014",
          "CSAFPID-31015",
          "CSAFPID-31016",
          "CSAFPID-31017"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "For vulnerabilities CVE-2022-1965, CVE-2022-32136, CVE-2022-32137, CVE-2022-32138, CVE-2022-32139, CVE-2022-32140, CVE-2022-32141, CVE-2022-32142, CVE-2022-32143 (CODESYS Advisory 2022-11):\n- Activation of online user management, to prevent unallowed actions from unauthorized attackers\n- Setting strong passwords\n- Use e!Runtime or CODESYS V3\n\nFor vulnerabilities CVE-2022-31805, CVE-2022-31806 (CODESYS Advisory 2022-12):\n\n- Activation of online user management, to prevent unallowed actions from unauthorized attackers\n\n- Use encryption of online communication whenever possible, this protects password transmission.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "WAGO recommends that all affected users with WAGO I/O-PRO/CODESYS 2.3 PLCs update to the firmware and use the latest version of WAGO I/O-Pro as soon as it is available.\nUntil the updates are available, we recommend switching off the CODESYS IP port 2455 after commissioning or, if this not possible, use a strong admin password.\n\n### PFC200 Family\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-8202/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8203/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8204/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8206/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8207/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8208/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8210/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8211/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8212/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8213/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8214/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8216/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8217/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n\n### Ethernet Controller 4th Generation Family \u2013 UPDATE B\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-823               | UPDATE B: Available in Q1 2024   |\n| 750-332               | UPDATE B: Available in Q1 2024   |\n| 750-832/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-862               | UPDATE B: Available in Q1 2024   |\n| 750-890/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-891               | UPDATE B: Available in Q1 2024   |\n| 750-893               | UPDATE B: Available in Q1 2024   |\n\n### Ethernet Controller 3rd Generation Family \u2013 UPDATE B\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-331               | UPDATE B: Available in Q1 2024   |\n| 750-829               | UPDATE B: Available in Q1 2024   |\n| 750-831/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-852               | UPDATE B: Available in Q1 2024   |\n| 750-880/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-881               | UPDATE B: Available in Q1 2024   |\n| 750-882               | UPDATE B: Available in Q1 2024   |\n| 750-885/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-889               | UPDATE B: Available in Q1 2024   |\n\n### Engineering Software\n\n| Name             | Firmware                         |\n|------------------|----------------------------------|\n| WAGO-I/O-PRO 32  | UPDATE B: Available in Q1 2024   |",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "environmentalScore": 7.5,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 7.5,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008",
            "CSAFPID-31009",
            "CSAFPID-31010",
            "CSAFPID-31011",
            "CSAFPID-31012",
            "CSAFPID-31013",
            "CSAFPID-31014",
            "CSAFPID-31015",
            "CSAFPID-31016",
            "CSAFPID-31017"
          ]
        }
      ],
      "title": "CVE-2022-31804"
    },
    {
      "cve": "CVE-2022-31803",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "description",
          "text": "In CODESYS Gateway Server V2 an insufficient check for the activity of TCP client connections allows an unauthenticated attacker to consume all available TCP connections and prevent legitimate users or clients from establishing a new connection to the CODESYS Gateway Server V2. Existing connections are not affected and therefore remain intact.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002",
          "CSAFPID-32003",
          "CSAFPID-32004",
          "CSAFPID-32005",
          "CSAFPID-32006",
          "CSAFPID-32007",
          "CSAFPID-32008",
          "CSAFPID-32009",
          "CSAFPID-32010",
          "CSAFPID-32011",
          "CSAFPID-32012",
          "CSAFPID-32013",
          "CSAFPID-32014"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009",
          "CSAFPID-31010",
          "CSAFPID-31011",
          "CSAFPID-31012",
          "CSAFPID-31013",
          "CSAFPID-31014",
          "CSAFPID-31015",
          "CSAFPID-31016",
          "CSAFPID-31017"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "For vulnerabilities CVE-2022-1965, CVE-2022-32136, CVE-2022-32137, CVE-2022-32138, CVE-2022-32139, CVE-2022-32140, CVE-2022-32141, CVE-2022-32142, CVE-2022-32143 (CODESYS Advisory 2022-11):\n- Activation of online user management, to prevent unallowed actions from unauthorized attackers\n- Setting strong passwords\n- Use e!Runtime or CODESYS V3\n\nFor vulnerabilities CVE-2022-31805, CVE-2022-31806 (CODESYS Advisory 2022-12):\n\n- Activation of online user management, to prevent unallowed actions from unauthorized attackers\n\n- Use encryption of online communication whenever possible, this protects password transmission.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "WAGO recommends that all affected users with WAGO I/O-PRO/CODESYS 2.3 PLCs update to the firmware and use the latest version of WAGO I/O-Pro as soon as it is available.\nUntil the updates are available, we recommend switching off the CODESYS IP port 2455 after commissioning or, if this not possible, use a strong admin password.\n\n### PFC200 Family\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-8202/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8203/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8204/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8206/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8207/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8208/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8210/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8211/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8212/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8213/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8214/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8216/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8217/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n\n### Ethernet Controller 4th Generation Family \u2013 UPDATE B\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-823               | UPDATE B: Available in Q1 2024   |\n| 750-332               | UPDATE B: Available in Q1 2024   |\n| 750-832/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-862               | UPDATE B: Available in Q1 2024   |\n| 750-890/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-891               | UPDATE B: Available in Q1 2024   |\n| 750-893               | UPDATE B: Available in Q1 2024   |\n\n### Ethernet Controller 3rd Generation Family \u2013 UPDATE B\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-331               | UPDATE B: Available in Q1 2024   |\n| 750-829               | UPDATE B: Available in Q1 2024   |\n| 750-831/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-852               | UPDATE B: Available in Q1 2024   |\n| 750-880/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-881               | UPDATE B: Available in Q1 2024   |\n| 750-882               | UPDATE B: Available in Q1 2024   |\n| 750-885/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-889               | UPDATE B: Available in Q1 2024   |\n\n### Engineering Software\n\n| Name             | Firmware                         |\n|------------------|----------------------------------|\n| WAGO-I/O-PRO 32  | UPDATE B: Available in Q1 2024   |",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalScore": 5.3,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 5.3,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008",
            "CSAFPID-31009",
            "CSAFPID-31010",
            "CSAFPID-31011",
            "CSAFPID-31012",
            "CSAFPID-31013",
            "CSAFPID-31014",
            "CSAFPID-31015",
            "CSAFPID-31016",
            "CSAFPID-31017"
          ]
        }
      ],
      "title": "CVE-2022-31803"
    },
    {
      "cve": "CVE-2022-31802",
      "cwe": {
        "id": "CWE-187",
        "name": "Partial String Comparison"
      },
      "notes": [
        {
          "category": "description",
          "text": "In CODESYS Gateway Server V2 for versions prior to V2.3.9.38 only a part of the the specified password is been compared to the real CODESYS Gateway password. An attacker may perform authentication by specifying a small password that matches the corresponding part of the longer real CODESYS Gateway password.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002",
          "CSAFPID-32003",
          "CSAFPID-32004",
          "CSAFPID-32005",
          "CSAFPID-32006",
          "CSAFPID-32007",
          "CSAFPID-32008",
          "CSAFPID-32009",
          "CSAFPID-32010",
          "CSAFPID-32011",
          "CSAFPID-32012",
          "CSAFPID-32013",
          "CSAFPID-32014"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009",
          "CSAFPID-31010",
          "CSAFPID-31011",
          "CSAFPID-31012",
          "CSAFPID-31013",
          "CSAFPID-31014",
          "CSAFPID-31015",
          "CSAFPID-31016",
          "CSAFPID-31017"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "For vulnerabilities CVE-2022-1965, CVE-2022-32136, CVE-2022-32137, CVE-2022-32138, CVE-2022-32139, CVE-2022-32140, CVE-2022-32141, CVE-2022-32142, CVE-2022-32143 (CODESYS Advisory 2022-11):\n- Activation of online user management, to prevent unallowed actions from unauthorized attackers\n- Setting strong passwords\n- Use e!Runtime or CODESYS V3\n\nFor vulnerabilities CVE-2022-31805, CVE-2022-31806 (CODESYS Advisory 2022-12):\n\n- Activation of online user management, to prevent unallowed actions from unauthorized attackers\n\n- Use encryption of online communication whenever possible, this protects password transmission.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "WAGO recommends that all affected users with WAGO I/O-PRO/CODESYS 2.3 PLCs update to the firmware and use the latest version of WAGO I/O-Pro as soon as it is available.\nUntil the updates are available, we recommend switching off the CODESYS IP port 2455 after commissioning or, if this not possible, use a strong admin password.\n\n### PFC200 Family\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-8202/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8203/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8204/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8206/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8207/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8208/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8210/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8211/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8212/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8213/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8214/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8216/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8217/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n\n### Ethernet Controller 4th Generation Family \u2013 UPDATE B\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-823               | UPDATE B: Available in Q1 2024   |\n| 750-332               | UPDATE B: Available in Q1 2024   |\n| 750-832/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-862               | UPDATE B: Available in Q1 2024   |\n| 750-890/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-891               | UPDATE B: Available in Q1 2024   |\n| 750-893               | UPDATE B: Available in Q1 2024   |\n\n### Ethernet Controller 3rd Generation Family \u2013 UPDATE B\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-331               | UPDATE B: Available in Q1 2024   |\n| 750-829               | UPDATE B: Available in Q1 2024   |\n| 750-831/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-852               | UPDATE B: Available in Q1 2024   |\n| 750-880/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-881               | UPDATE B: Available in Q1 2024   |\n| 750-882               | UPDATE B: Available in Q1 2024   |\n| 750-885/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-889               | UPDATE B: Available in Q1 2024   |\n\n### Engineering Software\n\n| Name             | Firmware                         |\n|------------------|----------------------------------|\n| WAGO-I/O-PRO 32  | UPDATE B: Available in Q1 2024   |",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 9.8,
            "environmentalSeverity": "CRITICAL",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 9.8,
            "temporalSeverity": "CRITICAL",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008",
            "CSAFPID-31009",
            "CSAFPID-31010",
            "CSAFPID-31011",
            "CSAFPID-31012",
            "CSAFPID-31013",
            "CSAFPID-31014",
            "CSAFPID-31015",
            "CSAFPID-31016",
            "CSAFPID-31017"
          ]
        }
      ],
      "title": "CVE-2022-31802"
    },
    {
      "cve": "CVE-2022-31806",
      "cwe": {
        "id": "CWE-1188",
        "name": "Initialization of a Resource with an Insecure Default"
      },
      "notes": [
        {
          "category": "description",
          "text": "In CODESYS V2 PLCWinNT and Runtime Toolkit 32 in versions prior to V2.4.7.57 password protection is not enabled by default and there is no information or prompt to enable password protection at login in case no password is set at the controller.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002",
          "CSAFPID-32003",
          "CSAFPID-32004",
          "CSAFPID-32005",
          "CSAFPID-32006",
          "CSAFPID-32007",
          "CSAFPID-32008",
          "CSAFPID-32009",
          "CSAFPID-32010",
          "CSAFPID-32011",
          "CSAFPID-32012",
          "CSAFPID-32013",
          "CSAFPID-32014"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009",
          "CSAFPID-31010",
          "CSAFPID-31011",
          "CSAFPID-31012",
          "CSAFPID-31013",
          "CSAFPID-31014",
          "CSAFPID-31015",
          "CSAFPID-31016",
          "CSAFPID-31017"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "For vulnerabilities CVE-2022-1965, CVE-2022-32136, CVE-2022-32137, CVE-2022-32138, CVE-2022-32139, CVE-2022-32140, CVE-2022-32141, CVE-2022-32142, CVE-2022-32143 (CODESYS Advisory 2022-11):\n- Activation of online user management, to prevent unallowed actions from unauthorized attackers\n- Setting strong passwords\n- Use e!Runtime or CODESYS V3\n\nFor vulnerabilities CVE-2022-31805, CVE-2022-31806 (CODESYS Advisory 2022-12):\n\n- Activation of online user management, to prevent unallowed actions from unauthorized attackers\n\n- Use encryption of online communication whenever possible, this protects password transmission.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "WAGO recommends that all affected users with WAGO I/O-PRO/CODESYS 2.3 PLCs update to the firmware and use the latest version of WAGO I/O-Pro as soon as it is available.\nUntil the updates are available, we recommend switching off the CODESYS IP port 2455 after commissioning or, if this not possible, use a strong admin password.\n\n### PFC200 Family\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-8202/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8203/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8204/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8206/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8207/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8208/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8210/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8211/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8212/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8213/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8214/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8216/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8217/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n\n### Ethernet Controller 4th Generation Family \u2013 UPDATE B\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-823               | UPDATE B: Available in Q1 2024   |\n| 750-332               | UPDATE B: Available in Q1 2024   |\n| 750-832/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-862               | UPDATE B: Available in Q1 2024   |\n| 750-890/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-891               | UPDATE B: Available in Q1 2024   |\n| 750-893               | UPDATE B: Available in Q1 2024   |\n\n### Ethernet Controller 3rd Generation Family \u2013 UPDATE B\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-331               | UPDATE B: Available in Q1 2024   |\n| 750-829               | UPDATE B: Available in Q1 2024   |\n| 750-831/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-852               | UPDATE B: Available in Q1 2024   |\n| 750-880/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-881               | UPDATE B: Available in Q1 2024   |\n| 750-882               | UPDATE B: Available in Q1 2024   |\n| 750-885/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-889               | UPDATE B: Available in Q1 2024   |\n\n### Engineering Software\n\n| Name             | Firmware                         |\n|------------------|----------------------------------|\n| WAGO-I/O-PRO 32  | UPDATE B: Available in Q1 2024   |",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 9.8,
            "environmentalSeverity": "CRITICAL",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 9.8,
            "temporalSeverity": "CRITICAL",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008",
            "CSAFPID-31009",
            "CSAFPID-31010",
            "CSAFPID-31011",
            "CSAFPID-31012",
            "CSAFPID-31013",
            "CSAFPID-31014",
            "CSAFPID-31015",
            "CSAFPID-31016",
            "CSAFPID-31017"
          ]
        }
      ],
      "title": "CVE-2022-31806"
    },
    {
      "cve": "CVE-2022-31805",
      "cwe": {
        "id": "CWE-523",
        "name": "Unprotected Transport of Credentials"
      },
      "notes": [
        {
          "category": "description",
          "text": "In the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between clients and servers unprotected.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002",
          "CSAFPID-32003",
          "CSAFPID-32004",
          "CSAFPID-32005",
          "CSAFPID-32006",
          "CSAFPID-32007",
          "CSAFPID-32008",
          "CSAFPID-32009",
          "CSAFPID-32010",
          "CSAFPID-32011",
          "CSAFPID-32012",
          "CSAFPID-32013",
          "CSAFPID-32014"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009",
          "CSAFPID-31010",
          "CSAFPID-31011",
          "CSAFPID-31012",
          "CSAFPID-31013",
          "CSAFPID-31014",
          "CSAFPID-31015",
          "CSAFPID-31016",
          "CSAFPID-31017"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "For vulnerabilities CVE-2022-1965, CVE-2022-32136, CVE-2022-32137, CVE-2022-32138, CVE-2022-32139, CVE-2022-32140, CVE-2022-32141, CVE-2022-32142, CVE-2022-32143 (CODESYS Advisory 2022-11):\n- Activation of online user management, to prevent unallowed actions from unauthorized attackers\n- Setting strong passwords\n- Use e!Runtime or CODESYS V3\n\nFor vulnerabilities CVE-2022-31805, CVE-2022-31806 (CODESYS Advisory 2022-12):\n\n- Activation of online user management, to prevent unallowed actions from unauthorized attackers\n\n- Use encryption of online communication whenever possible, this protects password transmission.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "WAGO recommends that all affected users with WAGO I/O-PRO/CODESYS 2.3 PLCs update to the firmware and use the latest version of WAGO I/O-Pro as soon as it is available.\nUntil the updates are available, we recommend switching off the CODESYS IP port 2455 after commissioning or, if this not possible, use a strong admin password.\n\n### PFC200 Family\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-8202/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8203/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8204/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8206/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8207/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8208/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8210/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8211/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8212/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8213/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8214/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8216/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8217/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n\n### Ethernet Controller 4th Generation Family \u2013 UPDATE B\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-823               | UPDATE B: Available in Q1 2024   |\n| 750-332               | UPDATE B: Available in Q1 2024   |\n| 750-832/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-862               | UPDATE B: Available in Q1 2024   |\n| 750-890/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-891               | UPDATE B: Available in Q1 2024   |\n| 750-893               | UPDATE B: Available in Q1 2024   |\n\n### Ethernet Controller 3rd Generation Family \u2013 UPDATE B\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-331               | UPDATE B: Available in Q1 2024   |\n| 750-829               | UPDATE B: Available in Q1 2024   |\n| 750-831/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-852               | UPDATE B: Available in Q1 2024   |\n| 750-880/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-881               | UPDATE B: Available in Q1 2024   |\n| 750-882               | UPDATE B: Available in Q1 2024   |\n| 750-885/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-889               | UPDATE B: Available in Q1 2024   |\n\n### Engineering Software\n\n| Name             | Firmware                         |\n|------------------|----------------------------------|\n| WAGO-I/O-PRO 32  | UPDATE B: Available in Q1 2024   |",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 7.5,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 7.5,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008",
            "CSAFPID-31009",
            "CSAFPID-31010",
            "CSAFPID-31011",
            "CSAFPID-31012",
            "CSAFPID-31013",
            "CSAFPID-31014",
            "CSAFPID-31015",
            "CSAFPID-31016",
            "CSAFPID-31017"
          ]
        }
      ],
      "title": "CVE-2022-31805"
    },
    {
      "cve": "CVE-2022-32143",
      "cwe": {
        "id": "CWE-552",
        "name": "Files or Directories Accessible to External Parties"
      },
      "notes": [
        {
          "category": "description",
          "text": "In multiple CODESYS products, file download and upload function allows access to internal files in the working directory e.g. firmware files of the PLC. All requests are processed on the controller only if no level 1 password is configured on the controller or if remote attacker has previously successfully authenticated himself to the controller. A successful Attack may lead to a denial of service, change of local files, or drain of confidential Information. User interaction is not required",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002",
          "CSAFPID-32003",
          "CSAFPID-32004",
          "CSAFPID-32005",
          "CSAFPID-32006",
          "CSAFPID-32007",
          "CSAFPID-32008",
          "CSAFPID-32009",
          "CSAFPID-32010",
          "CSAFPID-32011",
          "CSAFPID-32012",
          "CSAFPID-32013",
          "CSAFPID-32014"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009",
          "CSAFPID-31010",
          "CSAFPID-31011",
          "CSAFPID-31012",
          "CSAFPID-31013",
          "CSAFPID-31014",
          "CSAFPID-31015",
          "CSAFPID-31016",
          "CSAFPID-31017"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "For vulnerabilities CVE-2022-1965, CVE-2022-32136, CVE-2022-32137, CVE-2022-32138, CVE-2022-32139, CVE-2022-32140, CVE-2022-32141, CVE-2022-32142, CVE-2022-32143 (CODESYS Advisory 2022-11):\n- Activation of online user management, to prevent unallowed actions from unauthorized attackers\n- Setting strong passwords\n- Use e!Runtime or CODESYS V3\n\nFor vulnerabilities CVE-2022-31805, CVE-2022-31806 (CODESYS Advisory 2022-12):\n\n- Activation of online user management, to prevent unallowed actions from unauthorized attackers\n\n- Use encryption of online communication whenever possible, this protects password transmission.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "WAGO recommends that all affected users with WAGO I/O-PRO/CODESYS 2.3 PLCs update to the firmware and use the latest version of WAGO I/O-Pro as soon as it is available.\nUntil the updates are available, we recommend switching off the CODESYS IP port 2455 after commissioning or, if this not possible, use a strong admin password.\n\n### PFC200 Family\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-8202/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8203/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8204/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8206/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8207/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8208/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8210/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8211/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8212/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8213/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8214/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8216/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8217/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n\n### Ethernet Controller 4th Generation Family \u2013 UPDATE B\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-823               | UPDATE B: Available in Q1 2024   |\n| 750-332               | UPDATE B: Available in Q1 2024   |\n| 750-832/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-862               | UPDATE B: Available in Q1 2024   |\n| 750-890/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-891               | UPDATE B: Available in Q1 2024   |\n| 750-893               | UPDATE B: Available in Q1 2024   |\n\n### Ethernet Controller 3rd Generation Family \u2013 UPDATE B\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-331               | UPDATE B: Available in Q1 2024   |\n| 750-829               | UPDATE B: Available in Q1 2024   |\n| 750-831/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-852               | UPDATE B: Available in Q1 2024   |\n| 750-880/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-881               | UPDATE B: Available in Q1 2024   |\n| 750-882               | UPDATE B: Available in Q1 2024   |\n| 750-885/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-889               | UPDATE B: Available in Q1 2024   |\n\n### Engineering Software\n\n| Name             | Firmware                         |\n|------------------|----------------------------------|\n| WAGO-I/O-PRO 32  | UPDATE B: Available in Q1 2024   |",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 8.8,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 8.8,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008",
            "CSAFPID-31009",
            "CSAFPID-31010",
            "CSAFPID-31011",
            "CSAFPID-31012",
            "CSAFPID-31013",
            "CSAFPID-31014",
            "CSAFPID-31015",
            "CSAFPID-31016",
            "CSAFPID-31017"
          ]
        }
      ],
      "title": "CVE-2022-32143"
    },
    {
      "cve": "CVE-2022-32142",
      "cwe": {
        "id": "CWE-823",
        "name": "Use of Out-of-range Pointer Offset"
      },
      "notes": [
        {
          "category": "description",
          "text": "Multiple CODESYS Products are prone to a out-of bounds read or write access. A low privileged remote attacker may craft a request with invalid offset, which can cause an out-of-bounds read or write access, resulting in denial-of-service condition or local memory overwrite, which can lead to a change of local files. User interaction is not required.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002",
          "CSAFPID-32003",
          "CSAFPID-32004",
          "CSAFPID-32005",
          "CSAFPID-32006",
          "CSAFPID-32007",
          "CSAFPID-32008",
          "CSAFPID-32009",
          "CSAFPID-32010",
          "CSAFPID-32011",
          "CSAFPID-32012",
          "CSAFPID-32013",
          "CSAFPID-32014"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009",
          "CSAFPID-31010",
          "CSAFPID-31011",
          "CSAFPID-31012",
          "CSAFPID-31013",
          "CSAFPID-31014",
          "CSAFPID-31015",
          "CSAFPID-31016",
          "CSAFPID-31017"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "For vulnerabilities CVE-2022-1965, CVE-2022-32136, CVE-2022-32137, CVE-2022-32138, CVE-2022-32139, CVE-2022-32140, CVE-2022-32141, CVE-2022-32142, CVE-2022-32143 (CODESYS Advisory 2022-11):\n- Activation of online user management, to prevent unallowed actions from unauthorized attackers\n- Setting strong passwords\n- Use e!Runtime or CODESYS V3\n\nFor vulnerabilities CVE-2022-31805, CVE-2022-31806 (CODESYS Advisory 2022-12):\n\n- Activation of online user management, to prevent unallowed actions from unauthorized attackers\n\n- Use encryption of online communication whenever possible, this protects password transmission.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "WAGO recommends that all affected users with WAGO I/O-PRO/CODESYS 2.3 PLCs update to the firmware and use the latest version of WAGO I/O-Pro as soon as it is available.\nUntil the updates are available, we recommend switching off the CODESYS IP port 2455 after commissioning or, if this not possible, use a strong admin password.\n\n### PFC200 Family\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-8202/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8203/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8204/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8206/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8207/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8208/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8210/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8211/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8212/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8213/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8214/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8216/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8217/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n\n### Ethernet Controller 4th Generation Family \u2013 UPDATE B\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-823               | UPDATE B: Available in Q1 2024   |\n| 750-332               | UPDATE B: Available in Q1 2024   |\n| 750-832/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-862               | UPDATE B: Available in Q1 2024   |\n| 750-890/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-891               | UPDATE B: Available in Q1 2024   |\n| 750-893               | UPDATE B: Available in Q1 2024   |\n\n### Ethernet Controller 3rd Generation Family \u2013 UPDATE B\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-331               | UPDATE B: Available in Q1 2024   |\n| 750-829               | UPDATE B: Available in Q1 2024   |\n| 750-831/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-852               | UPDATE B: Available in Q1 2024   |\n| 750-880/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-881               | UPDATE B: Available in Q1 2024   |\n| 750-882               | UPDATE B: Available in Q1 2024   |\n| 750-885/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-889               | UPDATE B: Available in Q1 2024   |\n\n### Engineering Software\n\n| Name             | Firmware                         |\n|------------------|----------------------------------|\n| WAGO-I/O-PRO 32  | UPDATE B: Available in Q1 2024   |",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "environmentalScore": 8.1,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 8.1,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008",
            "CSAFPID-31009",
            "CSAFPID-31010",
            "CSAFPID-31011",
            "CSAFPID-31012",
            "CSAFPID-31013",
            "CSAFPID-31014",
            "CSAFPID-31015",
            "CSAFPID-31016",
            "CSAFPID-31017"
          ]
        }
      ],
      "title": "CVE-2022-32142"
    },
    {
      "cve": "CVE-2022-32141",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "description",
          "text": "Multiple CODESYS Products are prone to a buffer over read. A low privileged remote attacker may craft a request with an invalid offset, which can cause an internal buffer over-read, resulting in a denial-of-service condition. User interaction is not required.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002",
          "CSAFPID-32003",
          "CSAFPID-32004",
          "CSAFPID-32005",
          "CSAFPID-32006",
          "CSAFPID-32007",
          "CSAFPID-32008",
          "CSAFPID-32009",
          "CSAFPID-32010",
          "CSAFPID-32011",
          "CSAFPID-32012",
          "CSAFPID-32013",
          "CSAFPID-32014"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009",
          "CSAFPID-31010",
          "CSAFPID-31011",
          "CSAFPID-31012",
          "CSAFPID-31013",
          "CSAFPID-31014",
          "CSAFPID-31015",
          "CSAFPID-31016",
          "CSAFPID-31017"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "For vulnerabilities CVE-2022-1965, CVE-2022-32136, CVE-2022-32137, CVE-2022-32138, CVE-2022-32139, CVE-2022-32140, CVE-2022-32141, CVE-2022-32142, CVE-2022-32143 (CODESYS Advisory 2022-11):\n- Activation of online user management, to prevent unallowed actions from unauthorized attackers\n- Setting strong passwords\n- Use e!Runtime or CODESYS V3\n\nFor vulnerabilities CVE-2022-31805, CVE-2022-31806 (CODESYS Advisory 2022-12):\n\n- Activation of online user management, to prevent unallowed actions from unauthorized attackers\n\n- Use encryption of online communication whenever possible, this protects password transmission.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "WAGO recommends that all affected users with WAGO I/O-PRO/CODESYS 2.3 PLCs update to the firmware and use the latest version of WAGO I/O-Pro as soon as it is available.\nUntil the updates are available, we recommend switching off the CODESYS IP port 2455 after commissioning or, if this not possible, use a strong admin password.\n\n### PFC200 Family\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-8202/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8203/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8204/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8206/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8207/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8208/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8210/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8211/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8212/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8213/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8214/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8216/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8217/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n\n### Ethernet Controller 4th Generation Family \u2013 UPDATE B\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-823               | UPDATE B: Available in Q1 2024   |\n| 750-332               | UPDATE B: Available in Q1 2024   |\n| 750-832/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-862               | UPDATE B: Available in Q1 2024   |\n| 750-890/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-891               | UPDATE B: Available in Q1 2024   |\n| 750-893               | UPDATE B: Available in Q1 2024   |\n\n### Ethernet Controller 3rd Generation Family \u2013 UPDATE B\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-331               | UPDATE B: Available in Q1 2024   |\n| 750-829               | UPDATE B: Available in Q1 2024   |\n| 750-831/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-852               | UPDATE B: Available in Q1 2024   |\n| 750-880/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-881               | UPDATE B: Available in Q1 2024   |\n| 750-882               | UPDATE B: Available in Q1 2024   |\n| 750-885/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-889               | UPDATE B: Available in Q1 2024   |\n\n### Engineering Software\n\n| Name             | Firmware                         |\n|------------------|----------------------------------|\n| WAGO-I/O-PRO 32  | UPDATE B: Available in Q1 2024   |",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalScore": 6.5,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 6.5,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008",
            "CSAFPID-31009",
            "CSAFPID-31010",
            "CSAFPID-31011",
            "CSAFPID-31012",
            "CSAFPID-31013",
            "CSAFPID-31014",
            "CSAFPID-31015",
            "CSAFPID-31016",
            "CSAFPID-31017"
          ]
        }
      ],
      "title": "CVE-2022-32141"
    },
    {
      "cve": "CVE-2022-32140",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "notes": [
        {
          "category": "description",
          "text": "Multiple CODESYS products are affected to a buffer overflow.A low privileged remote attacker may craft a request, which can cause a buffer copy without checking the size of the service, resulting in a denial-of-service condition. User Interaction is not required.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002",
          "CSAFPID-32003",
          "CSAFPID-32004",
          "CSAFPID-32005",
          "CSAFPID-32006",
          "CSAFPID-32007",
          "CSAFPID-32008",
          "CSAFPID-32009",
          "CSAFPID-32010",
          "CSAFPID-32011",
          "CSAFPID-32012",
          "CSAFPID-32013",
          "CSAFPID-32014"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009",
          "CSAFPID-31010",
          "CSAFPID-31011",
          "CSAFPID-31012",
          "CSAFPID-31013",
          "CSAFPID-31014",
          "CSAFPID-31015",
          "CSAFPID-31016",
          "CSAFPID-31017"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "For vulnerabilities CVE-2022-1965, CVE-2022-32136, CVE-2022-32137, CVE-2022-32138, CVE-2022-32139, CVE-2022-32140, CVE-2022-32141, CVE-2022-32142, CVE-2022-32143 (CODESYS Advisory 2022-11):\n- Activation of online user management, to prevent unallowed actions from unauthorized attackers\n- Setting strong passwords\n- Use e!Runtime or CODESYS V3\n\nFor vulnerabilities CVE-2022-31805, CVE-2022-31806 (CODESYS Advisory 2022-12):\n\n- Activation of online user management, to prevent unallowed actions from unauthorized attackers\n\n- Use encryption of online communication whenever possible, this protects password transmission.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "WAGO recommends that all affected users with WAGO I/O-PRO/CODESYS 2.3 PLCs update to the firmware and use the latest version of WAGO I/O-Pro as soon as it is available.\nUntil the updates are available, we recommend switching off the CODESYS IP port 2455 after commissioning or, if this not possible, use a strong admin password.\n\n### PFC200 Family\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-8202/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8203/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8204/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8206/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8207/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8208/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8210/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8211/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8212/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8213/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8214/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8216/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8217/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n\n### Ethernet Controller 4th Generation Family \u2013 UPDATE B\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-823               | UPDATE B: Available in Q1 2024   |\n| 750-332               | UPDATE B: Available in Q1 2024   |\n| 750-832/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-862               | UPDATE B: Available in Q1 2024   |\n| 750-890/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-891               | UPDATE B: Available in Q1 2024   |\n| 750-893               | UPDATE B: Available in Q1 2024   |\n\n### Ethernet Controller 3rd Generation Family \u2013 UPDATE B\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-331               | UPDATE B: Available in Q1 2024   |\n| 750-829               | UPDATE B: Available in Q1 2024   |\n| 750-831/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-852               | UPDATE B: Available in Q1 2024   |\n| 750-880/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-881               | UPDATE B: Available in Q1 2024   |\n| 750-882               | UPDATE B: Available in Q1 2024   |\n| 750-885/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-889               | UPDATE B: Available in Q1 2024   |\n\n### Engineering Software\n\n| Name             | Firmware                         |\n|------------------|----------------------------------|\n| WAGO-I/O-PRO 32  | UPDATE B: Available in Q1 2024   |",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalScore": 6.5,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 6.5,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008",
            "CSAFPID-31009",
            "CSAFPID-31010",
            "CSAFPID-31011",
            "CSAFPID-31012",
            "CSAFPID-31013",
            "CSAFPID-31014",
            "CSAFPID-31015",
            "CSAFPID-31016",
            "CSAFPID-31017"
          ]
        }
      ],
      "title": "CVE-2022-32140"
    },
    {
      "cve": "CVE-2022-32139",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "description",
          "text": "In multiple CODESYS products, a low privileged remote attacker may craft a request, which cause an out-of-bounds read, resulting in a denial-of-service condition. User Interaction is not required.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002",
          "CSAFPID-32003",
          "CSAFPID-32004",
          "CSAFPID-32005",
          "CSAFPID-32006",
          "CSAFPID-32007",
          "CSAFPID-32008",
          "CSAFPID-32009",
          "CSAFPID-32010",
          "CSAFPID-32011",
          "CSAFPID-32012",
          "CSAFPID-32013",
          "CSAFPID-32014"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009",
          "CSAFPID-31010",
          "CSAFPID-31011",
          "CSAFPID-31012",
          "CSAFPID-31013",
          "CSAFPID-31014",
          "CSAFPID-31015",
          "CSAFPID-31016",
          "CSAFPID-31017"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "For vulnerabilities CVE-2022-1965, CVE-2022-32136, CVE-2022-32137, CVE-2022-32138, CVE-2022-32139, CVE-2022-32140, CVE-2022-32141, CVE-2022-32142, CVE-2022-32143 (CODESYS Advisory 2022-11):\n- Activation of online user management, to prevent unallowed actions from unauthorized attackers\n- Setting strong passwords\n- Use e!Runtime or CODESYS V3\n\nFor vulnerabilities CVE-2022-31805, CVE-2022-31806 (CODESYS Advisory 2022-12):\n\n- Activation of online user management, to prevent unallowed actions from unauthorized attackers\n\n- Use encryption of online communication whenever possible, this protects password transmission.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "WAGO recommends that all affected users with WAGO I/O-PRO/CODESYS 2.3 PLCs update to the firmware and use the latest version of WAGO I/O-Pro as soon as it is available.\nUntil the updates are available, we recommend switching off the CODESYS IP port 2455 after commissioning or, if this not possible, use a strong admin password.\n\n### PFC200 Family\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-8202/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8203/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8204/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8206/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8207/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8208/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8210/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8211/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8212/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8213/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8214/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8216/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8217/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n\n### Ethernet Controller 4th Generation Family \u2013 UPDATE B\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-823               | UPDATE B: Available in Q1 2024   |\n| 750-332               | UPDATE B: Available in Q1 2024   |\n| 750-832/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-862               | UPDATE B: Available in Q1 2024   |\n| 750-890/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-891               | UPDATE B: Available in Q1 2024   |\n| 750-893               | UPDATE B: Available in Q1 2024   |\n\n### Ethernet Controller 3rd Generation Family \u2013 UPDATE B\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-331               | UPDATE B: Available in Q1 2024   |\n| 750-829               | UPDATE B: Available in Q1 2024   |\n| 750-831/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-852               | UPDATE B: Available in Q1 2024   |\n| 750-880/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-881               | UPDATE B: Available in Q1 2024   |\n| 750-882               | UPDATE B: Available in Q1 2024   |\n| 750-885/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-889               | UPDATE B: Available in Q1 2024   |\n\n### Engineering Software\n\n| Name             | Firmware                         |\n|------------------|----------------------------------|\n| WAGO-I/O-PRO 32  | UPDATE B: Available in Q1 2024   |",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalScore": 6.5,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 6.5,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008",
            "CSAFPID-31009",
            "CSAFPID-31010",
            "CSAFPID-31011",
            "CSAFPID-31012",
            "CSAFPID-31013",
            "CSAFPID-31014",
            "CSAFPID-31015",
            "CSAFPID-31016",
            "CSAFPID-31017"
          ]
        }
      ],
      "title": "CVE-2022-32139"
    },
    {
      "cve": "CVE-2022-32138",
      "cwe": {
        "id": "CWE-194",
        "name": "Unexpected Sign Extension"
      },
      "notes": [
        {
          "category": "description",
          "text": "In multiple CODESYS products, a remote attacker may craft a request which may cause an unexpected sign extension, resulting in a denial-of-service condition or memory overwrite.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002",
          "CSAFPID-32003",
          "CSAFPID-32004",
          "CSAFPID-32005",
          "CSAFPID-32006",
          "CSAFPID-32007",
          "CSAFPID-32008",
          "CSAFPID-32009",
          "CSAFPID-32010",
          "CSAFPID-32011",
          "CSAFPID-32012",
          "CSAFPID-32013",
          "CSAFPID-32014"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009",
          "CSAFPID-31010",
          "CSAFPID-31011",
          "CSAFPID-31012",
          "CSAFPID-31013",
          "CSAFPID-31014",
          "CSAFPID-31015",
          "CSAFPID-31016",
          "CSAFPID-31017"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "For vulnerabilities CVE-2022-1965, CVE-2022-32136, CVE-2022-32137, CVE-2022-32138, CVE-2022-32139, CVE-2022-32140, CVE-2022-32141, CVE-2022-32142, CVE-2022-32143 (CODESYS Advisory 2022-11):\n- Activation of online user management, to prevent unallowed actions from unauthorized attackers\n- Setting strong passwords\n- Use e!Runtime or CODESYS V3\n\nFor vulnerabilities CVE-2022-31805, CVE-2022-31806 (CODESYS Advisory 2022-12):\n\n- Activation of online user management, to prevent unallowed actions from unauthorized attackers\n\n- Use encryption of online communication whenever possible, this protects password transmission.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "WAGO recommends that all affected users with WAGO I/O-PRO/CODESYS 2.3 PLCs update to the firmware and use the latest version of WAGO I/O-Pro as soon as it is available.\nUntil the updates are available, we recommend switching off the CODESYS IP port 2455 after commissioning or, if this not possible, use a strong admin password.\n\n### PFC200 Family\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-8202/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8203/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8204/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8206/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8207/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8208/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8210/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8211/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8212/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8213/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8214/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8216/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8217/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n\n### Ethernet Controller 4th Generation Family \u2013 UPDATE B\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-823               | UPDATE B: Available in Q1 2024   |\n| 750-332               | UPDATE B: Available in Q1 2024   |\n| 750-832/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-862               | UPDATE B: Available in Q1 2024   |\n| 750-890/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-891               | UPDATE B: Available in Q1 2024   |\n| 750-893               | UPDATE B: Available in Q1 2024   |\n\n### Ethernet Controller 3rd Generation Family \u2013 UPDATE B\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-331               | UPDATE B: Available in Q1 2024   |\n| 750-829               | UPDATE B: Available in Q1 2024   |\n| 750-831/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-852               | UPDATE B: Available in Q1 2024   |\n| 750-880/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-881               | UPDATE B: Available in Q1 2024   |\n| 750-882               | UPDATE B: Available in Q1 2024   |\n| 750-885/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-889               | UPDATE B: Available in Q1 2024   |\n\n### Engineering Software\n\n| Name             | Firmware                         |\n|------------------|----------------------------------|\n| WAGO-I/O-PRO 32  | UPDATE B: Available in Q1 2024   |",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 8.8,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 8.8,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008",
            "CSAFPID-31009",
            "CSAFPID-31010",
            "CSAFPID-31011",
            "CSAFPID-31012",
            "CSAFPID-31013",
            "CSAFPID-31014",
            "CSAFPID-31015",
            "CSAFPID-31016"
          ]
        }
      ],
      "title": "CVE-2022-32138"
    },
    {
      "cve": "CVE-2022-32137",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "description",
          "text": "In multiple CODESYS products, a low privileged remote attacker may craft a request, which may cause a heap-based buffer overflow, resulting in a denial-of-service condition or memory overwrite. User interaction is not required.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002",
          "CSAFPID-32003",
          "CSAFPID-32004",
          "CSAFPID-32005",
          "CSAFPID-32006",
          "CSAFPID-32007",
          "CSAFPID-32008",
          "CSAFPID-32009",
          "CSAFPID-32010",
          "CSAFPID-32011",
          "CSAFPID-32012",
          "CSAFPID-32013",
          "CSAFPID-32014"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009",
          "CSAFPID-31010",
          "CSAFPID-31011",
          "CSAFPID-31012",
          "CSAFPID-31013",
          "CSAFPID-31014",
          "CSAFPID-31015",
          "CSAFPID-31016",
          "CSAFPID-31017"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "For vulnerabilities CVE-2022-1965, CVE-2022-32136, CVE-2022-32137, CVE-2022-32138, CVE-2022-32139, CVE-2022-32140, CVE-2022-32141, CVE-2022-32142, CVE-2022-32143 (CODESYS Advisory 2022-11):\n- Activation of online user management, to prevent unallowed actions from unauthorized attackers\n- Setting strong passwords\n- Use e!Runtime or CODESYS V3\n\nFor vulnerabilities CVE-2022-31805, CVE-2022-31806 (CODESYS Advisory 2022-12):\n\n- Activation of online user management, to prevent unallowed actions from unauthorized attackers\n\n- Use encryption of online communication whenever possible, this protects password transmission.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "WAGO recommends that all affected users with WAGO I/O-PRO/CODESYS 2.3 PLCs update to the firmware and use the latest version of WAGO I/O-Pro as soon as it is available.\nUntil the updates are available, we recommend switching off the CODESYS IP port 2455 after commissioning or, if this not possible, use a strong admin password.\n\n### PFC200 Family\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-8202/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8203/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8204/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8206/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8207/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8208/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8210/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8211/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8212/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8213/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8214/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8216/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8217/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n\n### Ethernet Controller 4th Generation Family \u2013 UPDATE B\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-823               | UPDATE B: Available in Q1 2024   |\n| 750-332               | UPDATE B: Available in Q1 2024   |\n| 750-832/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-862               | UPDATE B: Available in Q1 2024   |\n| 750-890/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-891               | UPDATE B: Available in Q1 2024   |\n| 750-893               | UPDATE B: Available in Q1 2024   |\n\n### Ethernet Controller 3rd Generation Family \u2013 UPDATE B\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-331               | UPDATE B: Available in Q1 2024   |\n| 750-829               | UPDATE B: Available in Q1 2024   |\n| 750-831/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-852               | UPDATE B: Available in Q1 2024   |\n| 750-880/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-881               | UPDATE B: Available in Q1 2024   |\n| 750-882               | UPDATE B: Available in Q1 2024   |\n| 750-885/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-889               | UPDATE B: Available in Q1 2024   |\n\n### Engineering Software\n\n| Name             | Firmware                         |\n|------------------|----------------------------------|\n| WAGO-I/O-PRO 32  | UPDATE B: Available in Q1 2024   |",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 8.8,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 8.8,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008",
            "CSAFPID-31009",
            "CSAFPID-31010",
            "CSAFPID-31011",
            "CSAFPID-31012",
            "CSAFPID-31013",
            "CSAFPID-31014",
            "CSAFPID-31015",
            "CSAFPID-31016",
            "CSAFPID-31017"
          ]
        }
      ],
      "title": "CVE-2022-32137"
    },
    {
      "cve": "CVE-2022-32136",
      "cwe": {
        "id": "CWE-824",
        "name": "Access of Uninitialized Pointer"
      },
      "notes": [
        {
          "category": "description",
          "text": "In multiple CODESYS products, a low privileged remote attacker may craft a request that cause a read access to an uninitialized pointer, resulting in a denial-of-service. User interaction is not required.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002",
          "CSAFPID-32003",
          "CSAFPID-32004",
          "CSAFPID-32005",
          "CSAFPID-32006",
          "CSAFPID-32007",
          "CSAFPID-32008",
          "CSAFPID-32009",
          "CSAFPID-32010",
          "CSAFPID-32011",
          "CSAFPID-32012",
          "CSAFPID-32013",
          "CSAFPID-32014"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009",
          "CSAFPID-31010",
          "CSAFPID-31011",
          "CSAFPID-31012",
          "CSAFPID-31013",
          "CSAFPID-31014",
          "CSAFPID-31015",
          "CSAFPID-31016",
          "CSAFPID-31017"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "For vulnerabilities CVE-2022-1965, CVE-2022-32136, CVE-2022-32137, CVE-2022-32138, CVE-2022-32139, CVE-2022-32140, CVE-2022-32141, CVE-2022-32142, CVE-2022-32143 (CODESYS Advisory 2022-11):\n- Activation of online user management, to prevent unallowed actions from unauthorized attackers\n- Setting strong passwords\n- Use e!Runtime or CODESYS V3\n\nFor vulnerabilities CVE-2022-31805, CVE-2022-31806 (CODESYS Advisory 2022-12):\n\n- Activation of online user management, to prevent unallowed actions from unauthorized attackers\n\n- Use encryption of online communication whenever possible, this protects password transmission.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "WAGO recommends that all affected users with WAGO I/O-PRO/CODESYS 2.3 PLCs update to the firmware and use the latest version of WAGO I/O-Pro as soon as it is available.\nUntil the updates are available, we recommend switching off the CODESYS IP port 2455 after commissioning or, if this not possible, use a strong admin password.\n\n### PFC200 Family\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-8202/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8203/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8204/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8206/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8207/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8208/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8210/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8211/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8212/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8213/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8214/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8216/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8217/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n\n### Ethernet Controller 4th Generation Family \u2013 UPDATE B\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-823               | UPDATE B: Available in Q1 2024   |\n| 750-332               | UPDATE B: Available in Q1 2024   |\n| 750-832/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-862               | UPDATE B: Available in Q1 2024   |\n| 750-890/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-891               | UPDATE B: Available in Q1 2024   |\n| 750-893               | UPDATE B: Available in Q1 2024   |\n\n### Ethernet Controller 3rd Generation Family \u2013 UPDATE B\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-331               | UPDATE B: Available in Q1 2024   |\n| 750-829               | UPDATE B: Available in Q1 2024   |\n| 750-831/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-852               | UPDATE B: Available in Q1 2024   |\n| 750-880/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-881               | UPDATE B: Available in Q1 2024   |\n| 750-882               | UPDATE B: Available in Q1 2024   |\n| 750-885/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-889               | UPDATE B: Available in Q1 2024   |\n\n### Engineering Software\n\n| Name             | Firmware                         |\n|------------------|----------------------------------|\n| WAGO-I/O-PRO 32  | UPDATE B: Available in Q1 2024   |",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalScore": 6.5,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 6.5,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008",
            "CSAFPID-31009",
            "CSAFPID-31010",
            "CSAFPID-31011",
            "CSAFPID-31012",
            "CSAFPID-31013",
            "CSAFPID-31014",
            "CSAFPID-31015",
            "CSAFPID-31016",
            "CSAFPID-31017"
          ]
        }
      ],
      "title": "CVE-2022-32136"
    },
    {
      "cve": "CVE-2022-1965",
      "cwe": {
        "id": "CWE-755",
        "name": "Improper Handling of Exceptional Conditions"
      },
      "notes": [
        {
          "category": "description",
          "text": "Multiple products of CODESYS implement a improper error handling. A low privilege remote attacker may craft a request, which is not properly processed by the error handling. In consequence, the file referenced by the request could be deleted. User interaction is not required.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002",
          "CSAFPID-32003",
          "CSAFPID-32004",
          "CSAFPID-32005",
          "CSAFPID-32006",
          "CSAFPID-32007",
          "CSAFPID-32008",
          "CSAFPID-32009",
          "CSAFPID-32010",
          "CSAFPID-32011",
          "CSAFPID-32012",
          "CSAFPID-32013",
          "CSAFPID-32014"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002",
          "CSAFPID-31003",
          "CSAFPID-31004",
          "CSAFPID-31005",
          "CSAFPID-31006",
          "CSAFPID-31007",
          "CSAFPID-31008",
          "CSAFPID-31009",
          "CSAFPID-31010",
          "CSAFPID-31011",
          "CSAFPID-31012",
          "CSAFPID-31013",
          "CSAFPID-31014",
          "CSAFPID-31015",
          "CSAFPID-31016",
          "CSAFPID-31017"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "For vulnerabilities CVE-2022-1965, CVE-2022-32136, CVE-2022-32137, CVE-2022-32138, CVE-2022-32139, CVE-2022-32140, CVE-2022-32141, CVE-2022-32142, CVE-2022-32143 (CODESYS Advisory 2022-11):\n- Activation of online user management, to prevent unallowed actions from unauthorized attackers\n- Setting strong passwords\n- Use e!Runtime or CODESYS V3\n\nFor vulnerabilities CVE-2022-31805, CVE-2022-31806 (CODESYS Advisory 2022-12):\n\n- Activation of online user management, to prevent unallowed actions from unauthorized attackers\n\n- Use encryption of online communication whenever possible, this protects password transmission.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "WAGO recommends that all affected users with WAGO I/O-PRO/CODESYS 2.3 PLCs update to the firmware and use the latest version of WAGO I/O-Pro as soon as it is available.\nUntil the updates are available, we recommend switching off the CODESYS IP port 2455 after commissioning or, if this not possible, use a strong admin password.\n\n### PFC200 Family\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-8202/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8203/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8204/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8206/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8207/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8208/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8210/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8211/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8212/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8213/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8214/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8216/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n| 750-8217/xxx-xxx      | UPDATE B: Available in Q1 2024   |\n\n### Ethernet Controller 4th Generation Family \u2013 UPDATE B\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-823               | UPDATE B: Available in Q1 2024   |\n| 750-332               | UPDATE B: Available in Q1 2024   |\n| 750-832/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-862               | UPDATE B: Available in Q1 2024   |\n| 750-890/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-891               | UPDATE B: Available in Q1 2024   |\n| 750-893               | UPDATE B: Available in Q1 2024   |\n\n### Ethernet Controller 3rd Generation Family \u2013 UPDATE B\n\n| Ord. No.              | Firmware                         |\n|-----------------------|----------------------------------|\n| 750-331               | UPDATE B: Available in Q1 2024   |\n| 750-829               | UPDATE B: Available in Q1 2024   |\n| 750-831/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-852               | UPDATE B: Available in Q1 2024   |\n| 750-880/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-881               | UPDATE B: Available in Q1 2024   |\n| 750-882               | UPDATE B: Available in Q1 2024   |\n| 750-885/xxx-xxx       | UPDATE B: Available in Q1 2024   |\n| 750-889               | UPDATE B: Available in Q1 2024   |\n\n### Engineering Software\n\n| Name             | Firmware                         |\n|------------------|----------------------------------|\n| WAGO-I/O-PRO 32  | UPDATE B: Available in Q1 2024   |",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "environmentalScore": 8.1,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 8.1,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002",
            "CSAFPID-31003",
            "CSAFPID-31004",
            "CSAFPID-31005",
            "CSAFPID-31006",
            "CSAFPID-31007",
            "CSAFPID-31008",
            "CSAFPID-31009",
            "CSAFPID-31010",
            "CSAFPID-31011",
            "CSAFPID-31012",
            "CSAFPID-31013",
            "CSAFPID-31014",
            "CSAFPID-31015",
            "CSAFPID-31016",
            "CSAFPID-31017"
          ]
        }
      ],
      "title": "CVE-2022-1965"
    }
  ]
}

ICSA-25-182-03

Vulnerability from csaf_cisa - Published: 2024-12-03 11:00 - Updated: 2024-12-03 11:00

Summary

FESTO CODESYS

Notes

Impact: The identified vulnerabilities could lead to denial-of-service attacks, exhaustion of TCP connections, and unauthorized access to the system.

Legal Notice: All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Advisory Conversion Disclaimer: This ICSA is a verbatim republication of Festo SE FSA-202406 from a direct conversion of their vendor's Common Security Advisory Framework (CSAF) advisory. This is republished to CISA's website as a means of increasing visibility and is provided "as-is" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory. Further, CISA does not endorse any commercial product or service. Please contact Festo SE directly for any questions regarding this advisory.

Critical infrastructure sectors: Critical manufacturing

Countries/areas deployed: Worldwide

Company headquarters location: Germany

Recommended Practices: CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.

Recommended Practices: Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.

Recommended Practices: Locate control system networks and remote devices behind firewalls and isolate them from business networks.

Recommended Practices: When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.

Recommended Practices: CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices: CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices: CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.

Recommended Practices: Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.

CVE-2022-31802

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-187 - Partial String Comparison

CVE-2022-31803

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE-400 - Uncontrolled Resource Consumption

CVE-2022-31804

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-789 - Memory Allocation with Excessive Size Value

References

URL

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-31803 (GCVE-0-2022-31803)

VAR-202206-2040

FSA-202406

GHSA-9348-VPWC-CH78

GSD-2022-31803

FKIE_CVE-2022-31803

VDE-2022-040

ICSA-25-182-03

Tags

Sightings

Nomenclature