VDE-2022-035
Vulnerability from csaf_wagogmbhcokg - Published: 2022-08-17 08:00 - Updated: 2022-08-17 08:00Summary
WAGO: Multiple product series affected by multiple CODESYS vulnerabilities
Notes
Summary: Multiple WAGO product families are prone to multiple vulnerabilities affecting CODESYS control runtime system.
Impact: Please consult the CVE entries for further information.
Mitigation: • We recommend all effected users of the PFC 100 & PFC 200 product family to update to firmware version 03.10.08(22) or later.
• We recommend all effected users of the TP600 and CC100 product family to update to firmware version 03.10.09(22) or later.
• The affected products of the CC100 family will receive a patched Version approximately in 09/22.
In addition to the mitigation hints concerning the above-mentioned vulnerabilities CODESYS GmbH recommends the following general defense measures to reduce the risk of exploits:
- Use controllers and devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside
- Use firewalls to protect and separate the control system network from other networks
- Use VPN (Virtual Private Networks) tunnels if remote access is required
- Activate and apply user management and password features
- Use encrypted communication links
- Limit the access to both development and control system by physical means, operating system features, etc.
- Protect both development and control system by using up to date virus detecting solutions
For further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html
In CODESYS V3 web server before 3.5.17.10, files or directories are accessible to External Parties.
7.5 (High)
Mitigation
• We recommend all effected users of the PFC 100 & PFC 200 product family to update to firmware version 03.10.08(22) or later.
• We recommend all effected users of the TP600 and CC100 product family to update to firmware version 03.10.09(22) or later.
• The affected products of the CC100 family will receive a patched Version approximately in 09/22.
In addition to the mitigation hints concerning the above-mentioned vulnerabilities CODESYS GmbH recommends the following general defense measures to reduce the risk of exploits:
- Use controllers and devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside
- Use firewalls to protect and separate the control system network from other networks
- Use VPN (Virtual Private Networks) tunnels if remote access is required
- Activate and apply user management and password features
- Use encrypted communication links
- Limit the access to both development and control system by physical means, operating system features, etc.
- Protect both development and control system by using up to date virus detecting solutions
For further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html
CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow.
9.8 (Critical)
Mitigation
• We recommend all effected users of the PFC 100 & PFC 200 product family to update to firmware version 03.10.08(22) or later.
• We recommend all effected users of the TP600 and CC100 product family to update to firmware version 03.10.09(22) or later.
• The affected products of the CC100 family will receive a patched Version approximately in 09/22.
In addition to the mitigation hints concerning the above-mentioned vulnerabilities CODESYS GmbH recommends the following general defense measures to reduce the risk of exploits:
- Use controllers and devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside
- Use firewalls to protect and separate the control system network from other networks
- Use VPN (Virtual Private Networks) tunnels if remote access is required
- Activate and apply user management and password features
- Use encrypted communication links
- Limit the access to both development and control system by physical means, operating system features, etc.
- Protect both development and control system by using up to date virus detecting solutions
For further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html
In CODESYS EtherNetIP before 4.1.0.0, specific EtherNet/IP requests may cause a null pointer dereference in the downloaded vulnerable EtherNet/IP stack that is executed by the CODESYS Control runtime system.
7.5 (High)
Mitigation
• We recommend all effected users of the PFC 100 & PFC 200 product family to update to firmware version 03.10.08(22) or later.
• We recommend all effected users of the TP600 and CC100 product family to update to firmware version 03.10.09(22) or later.
• The affected products of the CC100 family will receive a patched Version approximately in 09/22.
In addition to the mitigation hints concerning the above-mentioned vulnerabilities CODESYS GmbH recommends the following general defense measures to reduce the risk of exploits:
- Use controllers and devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside
- Use firewalls to protect and separate the control system network from other networks
- Use VPN (Virtual Private Networks) tunnels if remote access is required
- Activate and apply user management and password features
- Use encrypted communication links
- Limit the access to both development and control system by physical means, operating system features, etc.
- Protect both development and control system by using up to date virus detecting solutions
For further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html
An exploitable code execution vulnerability exists in the PLC_Task functionality of 3S-Smart Software Solutions GmbH CODESYS Runtime 3.5.14.30. A specially crafted network request can cause remote code execution. An attacker can send a malicious packet to trigger this vulnerability.
8.8 (High)
Mitigation
• We recommend all effected users of the PFC 100 & PFC 200 product family to update to firmware version 03.10.08(22) or later.
• We recommend all effected users of the TP600 and CC100 product family to update to firmware version 03.10.09(22) or later.
• The affected products of the CC100 family will receive a patched Version approximately in 09/22.
In addition to the mitigation hints concerning the above-mentioned vulnerabilities CODESYS GmbH recommends the following general defense measures to reduce the risk of exploits:
- Use controllers and devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside
- Use firewalls to protect and separate the control system network from other networks
- Use VPN (Virtual Private Networks) tunnels if remote access is required
- Activate and apply user management and password features
- Use encrypted communication links
- Limit the access to both development and control system by physical means, operating system features, etc.
- Protect both development and control system by using up to date virus detecting solutions
For further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html
CODESYS Gateway 3 before 3.5.16.70 has a NULL pointer dereference that may result in a denial of service (DoS).
7.5 (High)
Mitigation
• We recommend all effected users of the PFC 100 & PFC 200 product family to update to firmware version 03.10.08(22) or later.
• We recommend all effected users of the TP600 and CC100 product family to update to firmware version 03.10.09(22) or later.
• The affected products of the CC100 family will receive a patched Version approximately in 09/22.
In addition to the mitigation hints concerning the above-mentioned vulnerabilities CODESYS GmbH recommends the following general defense measures to reduce the risk of exploits:
- Use controllers and devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside
- Use firewalls to protect and separate the control system network from other networks
- Use VPN (Virtual Private Networks) tunnels if remote access is required
- Activate and apply user management and password features
- Use encrypted communication links
- Limit the access to both development and control system by physical means, operating system features, etc.
- Protect both development and control system by using up to date virus detecting solutions
For further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html
CODESYS Control Runtime system before 3.5.17.0 has improper input validation. Attackers can send crafted communication packets to change the router's addressing scheme and may re-route, add, remove or change low level communication packages.
7.3 (High)
Mitigation
• We recommend all effected users of the PFC 100 & PFC 200 product family to update to firmware version 03.10.08(22) or later.
• We recommend all effected users of the TP600 and CC100 product family to update to firmware version 03.10.09(22) or later.
• The affected products of the CC100 family will receive a patched Version approximately in 09/22.
In addition to the mitigation hints concerning the above-mentioned vulnerabilities CODESYS GmbH recommends the following general defense measures to reduce the risk of exploits:
- Use controllers and devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside
- Use firewalls to protect and separate the control system network from other networks
- Use VPN (Virtual Private Networks) tunnels if remote access is required
- Activate and apply user management and password features
- Use encrypted communication links
- Limit the access to both development and control system by physical means, operating system features, etc.
- Protect both development and control system by using up to date virus detecting solutions
For further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html
References
| URL | Category | |
|---|---|---|
Acknowledgments
CERT@VDE
certvde.com
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination",
"urls": [
"https://certvde.com"
]
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "Multiple WAGO product families are prone to multiple vulnerabilities affecting CODESYS control runtime system.",
"title": "Summary"
},
{
"category": "description",
"text": "Please consult the CVE entries for further information.",
"title": "Impact"
},
{
"category": "description",
"text": "\u2022 We recommend all effected users of the PFC 100 \u0026 PFC 200 product family to update to firmware version 03.10.08(22) or later.\n\n\u2022 We recommend all effected users of the TP600 and CC100 product family to update to firmware version 03.10.09(22) or later. \n\n\u2022 The affected products of the CC100 family will receive a patched Version approximately in 09/22.\n\nIn addition to the mitigation hints concerning the above-mentioned vulnerabilities CODESYS GmbH recommends the following general defense measures to reduce the risk of exploits:\n\n- Use controllers and devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside\n- Use firewalls to protect and separate the control system network from other networks\n- Use VPN (Virtual Private Networks) tunnels if remote access is required\n- Activate and apply user management and password features\n- Use encrypted communication links\n- Limit the access to both development and control system by physical means, operating system features, etc.\n- Protect both development and control system by using up to date virus detecting solutions\n\nFor further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html",
"title": "Mitigation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@wago.com",
"name": "WAGO GmbH \u0026 Co. KG",
"namespace": "https://www.wago.com/psirt"
},
"references": [
{
"category": "self",
"summary": "VDE-2022-035: WAGO: Multiple product series affected by multiple CODESYS vulnerabilities - HTML",
"url": "https://certvde.com/en/advisories/VDE-2022-035/"
},
{
"category": "self",
"summary": "VDE-2022-035: WAGO: Multiple product series affected by multiple CODESYS vulnerabilities - CSAF",
"url": "https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2022/vde-2022-035.json"
},
{
"category": "external",
"summary": "Vendor PSIRT",
"url": "https://www.wago.com/psirt"
},
{
"category": "external",
"summary": "CERT@VDE Security Advisories for WAGO GmbH \u0026 Co. KG",
"url": "https://certvde.com/en/advisories/vendor/wago/"
}
],
"title": "WAGO: Multiple product series affected by multiple CODESYS vulnerabilities",
"tracking": {
"aliases": [
"VDE-2022-035"
],
"current_release_date": "2022-08-17T08:00:00.000Z",
"generator": {
"date": "2025-05-26T08:33:34.917Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.26"
}
},
"id": "VDE-2022-035",
"initial_release_date": "2022-08-17T08:00:00.000Z",
"revision_history": [
{
"date": "2022-08-17T08:00:00.000Z",
"number": "1",
"summary": "Initial revision."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "CC100",
"product": {
"name": "CC100",
"product_id": "CSAFPID-11001",
"product_identification_helper": {
"model_numbers": [
"751-9301"
]
}
}
},
{
"category": "product_name",
"name": "EC300",
"product": {
"name": "EC300",
"product_id": "CSAFPID-11002",
"product_identification_helper": {
"model_numbers": [
"752-8303/8000-0002"
]
}
}
},
{
"category": "product_name",
"name": "PFC 100",
"product": {
"name": "PFC 100",
"product_id": "CSAFPID-11003",
"product_identification_helper": {
"model_numbers": [
"750-8102/xxx-xxx",
"750-8100/xxx-xxx",
"750-8101/xxx-xxx"
]
}
}
},
{
"category": "product_name",
"name": "PFC 200",
"product": {
"name": "PFC 200",
"product_id": "CSAFPID-11004",
"product_identification_helper": {
"model_numbers": [
"750-8202/xxx-xxx",
"750-8206/xxx-xxx",
"750-8207/xxx-xxx",
"750-8210/xxx-xxx",
"750-8211/xxx-xxx",
"750-8212/xxx-xxx",
"750-8213/xxx-xxx",
"750-8214/xxx-xxx",
"750-8215/xxx-xxx",
"750-8216/xxx-xxx",
"750-8203/xxx-xxx",
"750-8204/xxx-xxx"
]
}
}
},
{
"category": "product_name",
"name": "TP600",
"product": {
"name": "TP600",
"product_id": "CSAFPID-11005",
"product_identification_helper": {
"model_numbers": [
"762-6x0x/8000-000x",
"762-4x0x/8000-000x",
"762-5x0x/8000-000x"
]
}
}
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=03.09.07(21)",
"product": {
"name": "Firmware \u003c=03.09.07(21)",
"product_id": "CSAFPID-21001"
}
},
{
"category": "product_version_range",
"name": "\u003c=03.07.14(19)",
"product": {
"name": "Firmware \u003c=03.07.14(19)",
"product_id": "CSAFPID-21002"
}
},
{
"category": "product_version_range",
"name": "\u003c=03.09.05(21)",
"product": {
"name": "Firmware \u003c=03.09.05(21)",
"product_id": "CSAFPID-21003"
}
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "WAGO"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005"
],
"summary": "Affected products."
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=03.09.07(21) installed on CC100",
"product_id": "CSAFPID-31001"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=03.07.14(19) installed on EC300",
"product_id": "CSAFPID-31002"
},
"product_reference": "CSAFPID-21002",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=03.09.05(21) installed on PFC 100",
"product_id": "CSAFPID-31003"
},
"product_reference": "CSAFPID-21003",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=03.09.05(21) installed on PFC 200",
"product_id": "CSAFPID-31004"
},
"product_reference": "CSAFPID-21003",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=03.07.14(19) installed on TP600",
"product_id": "CSAFPID-31005"
},
"product_reference": "CSAFPID-21002",
"relates_to_product_reference": "CSAFPID-11005"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-36763",
"cwe": {
"id": "CWE-552",
"name": "Files or Directories Accessible to External Parties"
},
"notes": [
{
"category": "description",
"text": "In CODESYS V3 web server before 3.5.17.10, files or directories are accessible to External Parties.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005"
]
},
"remediations": [
{
"category": "mitigation",
"details": "\u2022 We recommend all effected users of the PFC 100 \u0026 PFC 200 product family to update to firmware version 03.10.08(22) or later.\n\n\u2022 We recommend all effected users of the TP600 and CC100 product family to update to firmware version 03.10.09(22) or later. \n\n\u2022 The affected products of the CC100 family will receive a patched Version approximately in 09/22.\n\nIn addition to the mitigation hints concerning the above-mentioned vulnerabilities CODESYS GmbH recommends the following general defense measures to reduce the risk of exploits:\n\n- Use controllers and devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside\n- Use firewalls to protect and separate the control system network from other networks\n- Use VPN (Virtual Private Networks) tunnels if remote access is required\n- Activate and apply user management and password features\n- Use encrypted communication links\n- Limit the access to both development and control system by physical means, operating system features, etc.\n- Protect both development and control system by using up to date virus detecting solutions\n\nFor further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005"
]
}
],
"title": "CVE-2021-36763"
},
{
"cve": "CVE-2021-33485",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005"
]
},
"remediations": [
{
"category": "mitigation",
"details": "\u2022 We recommend all effected users of the PFC 100 \u0026 PFC 200 product family to update to firmware version 03.10.08(22) or later.\n\n\u2022 We recommend all effected users of the TP600 and CC100 product family to update to firmware version 03.10.09(22) or later. \n\n\u2022 The affected products of the CC100 family will receive a patched Version approximately in 09/22.\n\nIn addition to the mitigation hints concerning the above-mentioned vulnerabilities CODESYS GmbH recommends the following general defense measures to reduce the risk of exploits:\n\n- Use controllers and devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside\n- Use firewalls to protect and separate the control system network from other networks\n- Use VPN (Virtual Private Networks) tunnels if remote access is required\n- Activate and apply user management and password features\n- Use encrypted communication links\n- Limit the access to both development and control system by physical means, operating system features, etc.\n- Protect both development and control system by using up to date virus detecting solutions\n\nFor further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005"
]
}
],
"title": "CVE-2021-33485"
},
{
"cve": "CVE-2021-36765",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In CODESYS EtherNetIP before 4.1.0.0, specific EtherNet/IP requests may cause a null pointer dereference in the downloaded vulnerable EtherNet/IP stack that is executed by the CODESYS Control runtime system.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005"
]
},
"remediations": [
{
"category": "mitigation",
"details": "\u2022 We recommend all effected users of the PFC 100 \u0026 PFC 200 product family to update to firmware version 03.10.08(22) or later.\n\n\u2022 We recommend all effected users of the TP600 and CC100 product family to update to firmware version 03.10.09(22) or later. \n\n\u2022 The affected products of the CC100 family will receive a patched Version approximately in 09/22.\n\nIn addition to the mitigation hints concerning the above-mentioned vulnerabilities CODESYS GmbH recommends the following general defense measures to reduce the risk of exploits:\n\n- Use controllers and devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside\n- Use firewalls to protect and separate the control system network from other networks\n- Use VPN (Virtual Private Networks) tunnels if remote access is required\n- Activate and apply user management and password features\n- Use encrypted communication links\n- Limit the access to both development and control system by physical means, operating system features, etc.\n- Protect both development and control system by using up to date virus detecting solutions\n\nFor further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005"
]
}
],
"title": "CVE-2021-36765"
},
{
"cve": "CVE-2020-6081",
"cwe": {
"id": "CWE-345",
"name": "Insufficient Verification of Data Authenticity"
},
"notes": [
{
"category": "description",
"text": "An exploitable code execution vulnerability exists in the PLC_Task functionality of 3S-Smart Software Solutions GmbH CODESYS Runtime 3.5.14.30. A specially crafted network request can cause remote code execution. An attacker can send a malicious packet to trigger this vulnerability.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005"
]
},
"remediations": [
{
"category": "mitigation",
"details": "\u2022 We recommend all effected users of the PFC 100 \u0026 PFC 200 product family to update to firmware version 03.10.08(22) or later.\n\n\u2022 We recommend all effected users of the TP600 and CC100 product family to update to firmware version 03.10.09(22) or later. \n\n\u2022 The affected products of the CC100 family will receive a patched Version approximately in 09/22.\n\nIn addition to the mitigation hints concerning the above-mentioned vulnerabilities CODESYS GmbH recommends the following general defense measures to reduce the risk of exploits:\n\n- Use controllers and devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside\n- Use firewalls to protect and separate the control system network from other networks\n- Use VPN (Virtual Private Networks) tunnels if remote access is required\n- Activate and apply user management and password features\n- Use encrypted communication links\n- Limit the access to both development and control system by physical means, operating system features, etc.\n- Protect both development and control system by using up to date virus detecting solutions\n\nFor further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 8.8,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005"
]
}
],
"title": "CVE-2020-6081"
},
{
"cve": "CVE-2021-29241",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "CODESYS Gateway 3 before 3.5.16.70 has a NULL pointer dereference that may result in a denial of service (DoS).",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005"
]
},
"remediations": [
{
"category": "mitigation",
"details": "\u2022 We recommend all effected users of the PFC 100 \u0026 PFC 200 product family to update to firmware version 03.10.08(22) or later.\n\n\u2022 We recommend all effected users of the TP600 and CC100 product family to update to firmware version 03.10.09(22) or later. \n\n\u2022 The affected products of the CC100 family will receive a patched Version approximately in 09/22.\n\nIn addition to the mitigation hints concerning the above-mentioned vulnerabilities CODESYS GmbH recommends the following general defense measures to reduce the risk of exploits:\n\n- Use controllers and devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside\n- Use firewalls to protect and separate the control system network from other networks\n- Use VPN (Virtual Private Networks) tunnels if remote access is required\n- Activate and apply user management and password features\n- Use encrypted communication links\n- Limit the access to both development and control system by physical means, operating system features, etc.\n- Protect both development and control system by using up to date virus detecting solutions\n\nFor further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005"
]
}
],
"title": "CVE-2021-29241"
},
{
"cve": "CVE-2021-29242",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "CODESYS Control Runtime system before 3.5.17.0 has improper input validation. Attackers can send crafted communication packets to change the router\u0027s addressing scheme and may re-route, add, remove or change low level communication packages.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005"
]
},
"remediations": [
{
"category": "mitigation",
"details": "\u2022 We recommend all effected users of the PFC 100 \u0026 PFC 200 product family to update to firmware version 03.10.08(22) or later.\n\n\u2022 We recommend all effected users of the TP600 and CC100 product family to update to firmware version 03.10.09(22) or later. \n\n\u2022 The affected products of the CC100 family will receive a patched Version approximately in 09/22.\n\nIn addition to the mitigation hints concerning the above-mentioned vulnerabilities CODESYS GmbH recommends the following general defense measures to reduce the risk of exploits:\n\n- Use controllers and devices only in a protected environment to minimize network exposure and ensure that they are not accessible from outside\n- Use firewalls to protect and separate the control system network from other networks\n- Use VPN (Virtual Private Networks) tunnels if remote access is required\n- Activate and apply user management and password features\n- Use encrypted communication links\n- Limit the access to both development and control system by physical means, operating system features, etc.\n- Protect both development and control system by using up to date virus detecting solutions\n\nFor further impact information and risk mitigation, please refer to the official CODESYS Advisory Website at https://www.codesys.com/security/security-reports.html",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"environmentalScore": 7.3,
"environmentalSeverity": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.3,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005"
]
}
],
"title": "CVE-2021-29242"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…