VDE-2023-042
Vulnerability from csaf_wagogmbhcokg - Published: 2023-09-25 10:00 - Updated: 2024-11-20 11:00
Summary
Wago: Vulnerable WIBU-SYSTEMS Codemeter installed through e!COCKPIT and WAGO-I/O-Pro (UPDATE B)
Notes
Summary: A critical vulnerability has been discovered in the utilized component PROFINET IO Device by Hilscher Gesellschaft für Systemautomation mbH. The impact of the vulnerability on the affected device is that it
- can no longer perform acyclic requests
- may drop all established cyclic connections
- may disappear completely from the network
For more information see the advisory by Hilscher:
https://kb.hilscher.com/display/ISMS/2020-12-03+Denial+of+Service+vulnerability+in+PROFINET+IO+Device
Update 20.11.2024: Products have been added
Impact: WAGO controllers and I/O devices are not affected by the WIBU-SYSTEMS CodeMeter vulnerabilities. However, for compatibility with the CODESYS Store, the e!COCKPIT and WAGO-I/O-Pro engineering software is bundled with a WIBU-SYSTEMS CodeMeter installation, so the vulnerable component ends up on every engineering workstation on which either bundle was installed.
Mitigation: Use general security best practices to protect systems from local and network attacks.
For further details on risk mitigation and on the impact of this vulnerability, refer to the official WIBU-SYSTEMS Product Security Advisory WIBU-230704-01 at https://www.wibu.com/support/security-advisories.html.
Remediation: Until an update is available for e!COCKPIT and WAGO-I/O-Pro (CODESYS 2.3), we strongly encourage users to update WIBU-SYSTEMS CodeMeter by installing the latest available stand-alone WIBU-SYSTEMS CodeMeter version (https://www.wibu.com/support/user/user-software.html).
CVE-2023-3935 (CWE-787: Out-of-bounds Write)
A heap buffer overflow vulnerability in the Wibu CodeMeter Runtime network service up to version 7.60b allows an unauthenticated, remote attacker to achieve remote code execution and gain full access to the host system.
CVSS v3.1 base score: 9.8 (Critical), vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Mitigation
Use general security best practices to protect systems from local and network attacks.
For further details on risk mitigation and on the impact of this vulnerability, refer to the official WIBU-SYSTEMS Product Security Advisory WIBU-230704-01 at https://www.wibu.com/support/security-advisories.html.
Vendor Fix
Until an update is available for e!COCKPIT and WAGO-I/O-Pro (CODESYS 2.3), we strongly encourage users to update WIBU-SYSTEMS CodeMeter by installing the latest available stand-alone WIBU-SYSTEMS CodeMeter version (https://www.wibu.com/support/user/user-software.html).
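The advisory names two facts an asset owner needs to act on the remediation above: the affected bundle versions from the product tree (e!COCKPIT up to 1.11.2.0, WAGO-I/O-Pro 2.3.9.45 through 2.3.9.70) and the CodeMeter Runtime threshold from the vulnerability description (up to 7.60b). The following triage helper is an added example, not code from WAGO, CERT@VDE or Wibu-Systems. It parses CodeMeter's letter-suffixed version scheme (7.60 < 7.60a < 7.60b < 7.60c < 7.61), checks an installed bundle against the advisory's ranges, and separates hosts where the CodeMeter network service is listening from hosts where it is local-only. Assumptions not stated on the page: the uninstall-registry DisplayName has the form "CodeMeter Runtime Kit v7.60b", the network service defaults to TCP 22350, and the host inventory is constructed sample data.

```python
"""Triage helper for VDE-2023-042 / CVE-2023-3935 (added example, not vendor code)."""
import re
from typing import List, NamedTuple, Optional, Tuple

# From the advisory: CodeMeter Runtime "up to version 7.60b" is vulnerable.
LAST_AFFECTED_CODEMETER = "7.60b"
# From the product tree: (lower bound or None, upper bound), both inclusive.
AFFECTED_BUNDLES = {
    "e!COCKPIT": (None, "1.11.2.0"),
    "WAGO-I/O-Pro": ("2.3.9.45", "2.3.9.70"),
}
# Assumption (not on the page): CodeMeter's network service defaults to TCP 22350.
CODEMETER_PORT = 22350


class CmVersion(NamedTuple):
    major: int
    minor: int
    letter: str  # "" < "a" < "b" < "c", so 7.60 < 7.60a < 7.60b < 7.60c


def parse_codemeter_version(text: str) -> Optional[CmVersion]:
    """Pull e.g. '7.60b' out of 'CodeMeter Runtime Kit v7.60b' (assumed
    DisplayName format). Returns None when no version is present."""
    m = re.search(r"\bv?(\d+)\.(\d+)([a-z]?)\b", text)
    if not m:
        return None
    return CmVersion(int(m.group(1)), int(m.group(2)), m.group(3))


def codemeter_is_vulnerable(display_name: str) -> bool:
    """True when the installed runtime is at or below 7.60b."""
    ver = parse_codemeter_version(display_name)
    if ver is None:
        raise ValueError(f"no CodeMeter version in {display_name!r}")
    return ver <= parse_codemeter_version(LAST_AFFECTED_CODEMETER)


def dotted(version: str) -> Tuple[int, ...]:
    """'2.3.9.45' -> (2, 3, 9, 45) so bundle versions compare numerically."""
    return tuple(int(part) for part in version.split("."))


def bundle_is_affected(product: str, version: str) -> bool:
    """Check an installed engineering bundle against the advisory's ranges."""
    if product not in AFFECTED_BUNDLES:
        return False
    low, high = AFFECTED_BUNDLES[product]
    v = dotted(version)
    return (low is None or dotted(low) <= v) and v <= dotted(high)


class Host(NamedTuple):
    name: str
    bundle: Tuple[str, str]          # (product, version) as installed
    codemeter_display_name: str      # uninstall-registry DisplayName (assumed format)
    listening_tcp_ports: List[int]   # e.g. from netstat / Get-NetTCPConnection


def triage(hosts: List[Host]) -> List[Tuple[str, str]]:
    """Return (hostname, verdict) per host:
    'network-exposed'   affected bundle, CodeMeter <= 7.60b, TCP 22350 listening
    'local-only'        same, but the network service is not listening
    'codemeter-updated' affected bundle, CodeMeter already above 7.60b
    'not-affected'      bundle outside this advisory's ranges (CodeMeter from
                        another source should still be checked against WIBU-230704-01)
    """
    verdicts = []
    for h in hosts:
        if not bundle_is_affected(*h.bundle):
            verdicts.append((h.name, "not-affected"))
        elif not codemeter_is_vulnerable(h.codemeter_display_name):
            verdicts.append((h.name, "codemeter-updated"))
        elif CODEMETER_PORT in h.listening_tcp_ports:
            verdicts.append((h.name, "network-exposed"))
        else:
            verdicts.append((h.name, "local-only"))
    return verdicts


# Constructed sample inventory; hostnames and versions are made up for the example.
SAMPLE_HOSTS = [
    Host("eng-ws-01", ("e!COCKPIT", "1.11.2.0"), "CodeMeter Runtime Kit v7.60b", [135, 445, 22350]),
    Host("eng-ws-02", ("e!COCKPIT", "1.10.0.0"), "CodeMeter Runtime Kit v7.51a", [135, 445]),
    Host("eng-ws-03", ("WAGO-I/O-Pro", "2.3.9.70"), "CodeMeter Runtime Kit v7.60c", [135, 445, 22350]),
    Host("eng-ws-04", ("WAGO-I/O-Pro", "2.3.9.40"), "CodeMeter Runtime Kit v7.40a", [22350]),
    Host("eng-ws-05", ("e!COCKPIT", "1.11.2.0"), "CodeMeter Runtime Kit v8.10", [135, 22350]),
]

if __name__ == "__main__":
    for name, verdict in triage(SAMPLE_HOSTS):
        print(f"{name:<10} {verdict}")
```

Hosts reported as network-exposed are the ones the CVSS vector (AV:N, PR:N) actually describes and should be updated first; local-only hosts still need the stand-alone CodeMeter update, but an attacker would first need a foothold on the workstation.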
References
| URL | Category | Summary |
|---|---|---|
| https://certvde.com/en/advisories/VDE-2023-042/ | self | VDE-2023-042: Wago: Vulnerable WIBU-SYSTEMS Codemeter installed through e!COCKPIT and WAGO-I/O-Pro (UPDATE B) - HTML |
| https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2023/vde-2023-042.json | self | VDE-2023-042: Wago: Vulnerable WIBU-SYSTEMS Codemeter installed through e!COCKPIT and WAGO-I/O-Pro (UPDATE B) - CSAF |
| https://www.wago.com/psirt | external | Vendor PSIRT |
| https://certvde.com/en/advisories/vendor/wago/ | external | CERT@VDE Security Advisories for WAGO GmbH & Co. KG |
Acknowledgments
CERT@VDE (coordination), https://certvde.com
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination",
"urls": [
"https://certvde.com"
]
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "Critical vulnerability has been discovered in the utilized component PROFINET IO Device by Hilscher Gesellschaft f\u00fcr Systemautomation mbH.\nThe impact of the vulnerability on the affected device is that it can\n\nno longer perform acyclic requests\nmay drop all established cyclic connections may\ndisappear completely from the network\nFor more information see advisory by Hilscher:\n\nhttps://kb.hilscher.com/display/ISMS/2020-12-03+Denial+of+Service+vulnerability+in+PROFINET+IO+Device\n\nUpdate 20.11.2024: Products have been added",
"title": "Summary"
},
{
"category": "description",
"text": "WAGO controllers and IO-Devices are not affected by WIBU-SYSTEMS Codemeter vulnerabilities. However, due to compatibility reasons to the CODESYS Store, the e!COCKPIT and engineering software is bundled with a WIBU-SYSTEMS Codemeter installation.",
"title": "Impact"
},
{
"category": "description",
"text": "Use general security best practices to protect systems from local and network attacks.\n\nFor further details on risk mitigation and impact of this vulnerability, please refer to the official WIBU-SYSTEMS Product Security Advisory WIBU-230704-01 at Website https://www.wibu.com/support/security-advisories.html.",
"title": "Mitigation"
},
{
"category": "description",
"text": "Until an update is available for e!COCKPIT and WAGO-I/O-Pro (CODESYS 2.3) we strongly encourage users to update WIBU-SYSTEMS Codemeter by installing the latest available stand-alone WIBU-SYSTEMS Codemeter Version. (https://www.wibu.com/support/user/user-software.html).",
"title": "Remediation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@wago.com",
"name": "WAGO GmbH \u0026 Co. KG",
"namespace": "https://www.wago.com/psirt"
},
"references": [
{
"category": "self",
"summary": "VDE-2023-042: Wago: Vulnerable WIBU-SYSTEMS Codemeter installed through e!COCKPIT and WAGO-I/O-Pro (UPDATE B) - HTML",
"url": "https://certvde.com/en/advisories/VDE-2023-042/"
},
{
"category": "self",
"summary": "VDE-2023-042: Wago: Vulnerable WIBU-SYSTEMS Codemeter installed through e!COCKPIT and WAGO-I/O-Pro (UPDATE B) - CSAF",
"url": "https://wago.csaf-tp.certvde.com/.well-known/csaf/white/2023/vde-2023-042.json"
},
{
"category": "external",
"summary": "Vendor PSIRT",
"url": "https://www.wago.com/psirt"
},
{
"category": "external",
"summary": "CERT@VDE Security Advisories for WAGO GmbH \u0026 Co. KG",
"url": "https://certvde.com/en/advisories/vendor/wago/"
}
],
"title": "Wago: Vulnerable WIBU-SYSTEMS Codemeter installed through e!COCKPIT and WAGO-I/O-Pro (UPDATE B)",
"tracking": {
"aliases": [
"VDE-2023-042"
],
"current_release_date": "2024-11-20T11:00:00.000Z",
"generator": {
"date": "2025-05-05T08:18:40.876Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.24"
}
},
"id": "VDE-2023-042",
"initial_release_date": "2023-09-25T10:00:00.000Z",
"revision_history": [
{
"date": "2023-09-25T10:00:00.000Z",
"number": "1",
"summary": "Initial revision."
},
{
"date": "2024-11-20T11:00:00.000Z",
"number": "2",
"summary": "Update A"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=1.11.2.0",
"product": {
"name": "e!COCKPIT engineering software installation bundle \u003c=1.11.2.0",
"product_id": "CSAFPID-51001"
}
}
],
"category": "product_name",
"name": "e!COCKPIT engineering software installation bundle"
},
{
"branches": [
{
"category": "product_version_range",
"name": "2.3.9.45\u003c=2.3.9.70",
"product": {
"name": "WAGO-I/O-Pro (CODESYS 2.3) engineering software installation 2.3.9.45\u003c=2.3.9.70",
"product_id": "CSAFPID-51002"
}
}
],
"category": "product_name",
"name": "WAGO-I/O-Pro (CODESYS 2.3) engineering software installation"
}
],
"category": "product_family",
"name": "Software"
}
],
"category": "vendor",
"name": "Wago"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-51001",
"CSAFPID-51002"
],
"summary": "Affected products."
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-3935",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "A heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service up to version 7.60b allows an unauthenticated, remote attacker to achieve RCE and gain full access of the host system.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-51001",
"CSAFPID-51002"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Use general security best practices to protect systems from local and network attacks.\n\nFor further details on risk mitigation and impact of this vulnerability, please refer to the official WIBU-SYSTEMS Product Security Advisory WIBU-230704-01 at Website https://www.wibu.com/support/security-advisories.html.",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Until an update is available for e!COCKPIT and WAGO-I/O-Pro (CODESYS 2.3) we strongly encourage users to update WIBU-SYSTEMS Codemeter by installing the latest available stand-alone WIBU-SYSTEMS Codemeter Version. (https://www.wibu.com/support/user/user-software.html).",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51001",
"CSAFPID-51002"
]
}
],
"title": "CVE-2023-3935"
}
]
}
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.