VAR-201911-0644
Vulnerability from variot - Updated: 2025-10-03 20:04CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runtime systems, has a Buffer Overflow. CODESYS 3 web The server is vulnerable to a classic buffer overflow.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. 3S-Smart Software Solutions CODESYS V3 web server is a web server used in CODESYS products by German 3S-Smart Software Solutions. The vulnerability originates from a network system or product that incorrectly validates data boundaries when performing operations on memory, causing incorrect read and write operations to be performed on other associated memory locations. An attacker could use this vulnerability to cause a buffer overflow or heap overflow
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201911-0644",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "control for empc-a\\/imx6",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.15.20"
},
{
"model": "control runtime system toolkit",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.15.20"
},
{
"model": "control for iot2000",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.15.20"
},
{
"model": "hmi",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.15.20"
},
{
"model": "control for raspberry pi",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.15.20"
},
{
"model": "control for beaglebone",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.15.20"
},
{
"model": "control for pfc200",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.15.20"
},
{
"model": "control for pfc100",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.15.20"
},
{
"model": "control rte",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.15.20"
},
{
"model": "control win",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.15.20"
},
{
"model": "control for plcnext",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.15.20"
},
{
"model": "control for linux",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.15.20"
},
{
"model": "embedded target visu toolkit",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.15.20"
},
{
"model": "remote target visu toolkit",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.15.20"
},
{
"model": "control runtime system toolkit",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control for raspberry pi sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control for iot2000 sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control for empc-a/imx6 sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control for beaglebone sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control rte sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control for linux sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control for plcnext",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control for pfc200 sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control for pfc100 sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "software solutions codesys",
"scope": "lt",
"trust": 0.6,
"vendor": "3s smart",
"version": "3.5.15.20"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "control for beaglebone",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "control for empc a imx6",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "control for iot2000",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "control for linux",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "control for pfc100",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "control for pfc200",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "control for plcnext",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "control for raspberry pi",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "control rte",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "control runtime system toolkit",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "control win",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "embedded target visu toolkit",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "hmi",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "remote target visu toolkit",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "418d9b6e-8164-4e9e-bc05-ad15b3929ef6"
},
{
"db": "CNVD",
"id": "CNVD-2019-42751"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012231"
},
{
"db": "NVD",
"id": "CVE-2019-18858"
}
]
},
"cve": "CVE-2019-18858",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2019-18858",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-42751",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "418d9b6e-8164-4e9e-bc05-ad15b3929ef6",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-18858",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-18858",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-18858",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2019-18858",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2019-42751",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201911-1189",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "418d9b6e-8164-4e9e-bc05-ad15b3929ef6",
"trust": 0.2,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "418d9b6e-8164-4e9e-bc05-ad15b3929ef6"
},
{
"db": "CNVD",
"id": "CNVD-2019-42751"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1189"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012231"
},
{
"db": "NVD",
"id": "CVE-2019-18858"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runtime systems, has a Buffer Overflow. CODESYS 3 web The server is vulnerable to a classic buffer overflow.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. 3S-Smart Software Solutions CODESYS V3 web server is a web server used in CODESYS products by German 3S-Smart Software Solutions. The vulnerability originates from a network system or product that incorrectly validates data boundaries when performing operations on memory, causing incorrect read and write operations to be performed on other associated memory locations. An attacker could use this vulnerability to cause a buffer overflow or heap overflow",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-18858"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012231"
},
{
"db": "CNVD",
"id": "CNVD-2019-42751"
},
{
"db": "IVD",
"id": "418d9b6e-8164-4e9e-bc05-ad15b3929ef6"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-18858",
"trust": 4.0
},
{
"db": "TENABLE",
"id": "TRA-2019-48",
"trust": 1.6
},
{
"db": "CNVD",
"id": "CNVD-2019-42751",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1189",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-25-273-04",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU90492166",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012231",
"trust": 0.8
},
{
"db": "IVD",
"id": "418D9B6E-8164-4E9E-BC05-AD15B3929EF6",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "418d9b6e-8164-4e9e-bc05-ad15b3929ef6"
},
{
"db": "CNVD",
"id": "CNVD-2019-42751"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1189"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012231"
},
{
"db": "NVD",
"id": "CVE-2019-18858"
}
]
},
"id": "VAR-201911-0644",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "418d9b6e-8164-4e9e-bc05-ad15b3929ef6"
},
{
"db": "CNVD",
"id": "CNVD-2019-42751"
}
],
"trust": 1.8
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "418d9b6e-8164-4e9e-bc05-ad15b3929ef6"
},
{
"db": "CNVD",
"id": "CNVD-2019-42751"
}
]
},
"last_update_date": "2025-10-03T20:04:46.063000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Advisory\u00a02019-10",
"trust": 0.8,
"url": "https://customers.codesys.com/fileadmin/data/customers/security/2019/Advisory2019-10_CDS-68341.pdf"
},
{
"title": "Patch for 3S-Smart Software Solutions CODESYS Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/192697"
},
{
"title": "3S-Smart Software Solutions CODESYS V3 web server Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=103504"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-42751"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1189"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012231"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-012231"
},
{
"db": "NVD",
"id": "CVE-2019-18858"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-18858"
},
{
"trust": 1.6,
"url": "https://customers.codesys.com/fileadmin/data/customers/security/2019/advisory2019-10_cds-68341.pdf"
},
{
"trust": 1.6,
"url": "https://www.tenable.com/security/research/tra-2019-48"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu90492166/index.html"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-273-04"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-42751"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1189"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012231"
},
{
"db": "NVD",
"id": "CVE-2019-18858"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "418d9b6e-8164-4e9e-bc05-ad15b3929ef6"
},
{
"db": "CNVD",
"id": "CNVD-2019-42751"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1189"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-012231"
},
{
"db": "NVD",
"id": "CVE-2019-18858"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-11-29T00:00:00",
"db": "IVD",
"id": "418d9b6e-8164-4e9e-bc05-ad15b3929ef6"
},
{
"date": "2019-11-29T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-42751"
},
{
"date": "2019-11-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201911-1189"
},
{
"date": "2019-11-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-012231"
},
{
"date": "2019-11-20T18:15:10.917000",
"db": "NVD",
"id": "CVE-2019-18858"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-12-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-42751"
},
{
"date": "2020-07-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201911-1189"
},
{
"date": "2025-10-02T06:49:00",
"db": "JVNDB",
"id": "JVNDB-2019-012231"
},
{
"date": "2024-11-21T04:33:43.753000",
"db": "NVD",
"id": "CVE-2019-18858"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201911-1189"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3S-Smart Software Solutions CODESYS Buffer Overflow Vulnerability",
"sources": [
{
"db": "IVD",
"id": "418d9b6e-8164-4e9e-bc05-ad15b3929ef6"
},
{
"db": "CNVD",
"id": "CNVD-2019-42751"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer error",
"sources": [
{
"db": "IVD",
"id": "418d9b6e-8164-4e9e-bc05-ad15b3929ef6"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1189"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…