Insecure communication in 3S-Smart Software Solutions GmbH CODESYS V3 solutions



Published: 2019-08-02
Risk Medium
Patch available NO
Number of vulnerabilities 1
CVE-ID CVE-2019-9013
CWE-ID CWE-319
Exploitation vector Local network
Public exploit N/A
Vulnerable software
Subscribe 		CODESYS HMI
Client/Desktop applications / Other client software

CODESYS Control Runtime System Toolkit
Client/Desktop applications / Other client software

CODESYS Simulation Runtime
Client/Desktop applications / Other client software

CODESYS Control RTE
Client/Desktop applications / Other client software

CODESYS Control for Raspberry Pi
Client/Desktop applications / Other client software

CODESYS Control for PFC200
Client/Desktop applications / Other client software

CODESYS Control for PFC100
Client/Desktop applications / Other client software

CODESYS Control for Linux
Client/Desktop applications / Other client software

CODESYS Control for IOT2000
Client/Desktop applications / Other client software

CODESYS Control for emPC-A/iMX6
Client/Desktop applications / Other client software

CODESYS Control for BeagleBone
Client/Desktop applications / Other client software

CODESYS firmware
Server applications / SCADA systems

Vendor CODESYS

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Cleartext transmission of sensitive information

EUVDB-ID: #VU19623

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:U/RC:C]

CVE-ID: CVE-2019-9013

CWE-ID: CWE-319 - Cleartext Transmission of Sensitive Information

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to software allows transmission of user credentials via insecure HTTP protocol. A remote attacker with ability to intercept network traffic can obtain user's credentials and gain unauthorized access to the system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

According to vendor statement, the vulnerability will be fixed in software version 3.5.16.0, planned for February 2020.

Vulnerable software versions

CODESYS HMI: All versions

CODESYS Control Runtime System Toolkit: All versions

CODESYS Simulation Runtime: All versions

CODESYS Control RTE: All versions

CODESYS Control for Raspberry Pi: All versions

CODESYS Control for PFC200: All versions

CODESYS Control for PFC100: All versions

CODESYS Control for Linux: All versions

CODESYS Control for IOT2000: All versions

CODESYS Control for emPC-A/iMX6: All versions

CODESYS Control for BeagleBone: All versions

CODESYS firmware: 3.5.3.0 - 3.5.15.0

External links

http://ics-cert.us-cert.gov/advisories/icsa-19-213-04
http://www.codesys.com/fileadmin/data/customers/security/2019/Advisory2019-08_CDS-62813.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###