Multiple vulnerabilities in CODESYS Development System
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2023-3662 CVE-2023-3669 CVE-2023-3663 |
| CWE-ID | CWE-426 CWE-307 CWE-353 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
CODESYS Development System Client/Desktop applications / Other client software |
| Vendor |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Untrusted search path
EUVDB-ID: #VU79507
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-3662
CWE-ID:
CWE-426 - Untrusted Search Path
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to usage of an untrusted search path. A local user can place a malicious binary into a specific location on the system and execute arbitrary code with escalated privileges.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCODESYS Development System: before 3.5.19.20
External linkshttp://cert.vde.com/en/advisories/VDE-2023-021/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Improper restriction of excessive authentication attempts
EUVDB-ID: #VU79506
Risk: Medium
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-3669
CWE-ID:
CWE-307 - Improper Restriction of Excessive Authentication Attempts
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform brute-force attack.
The vulnerability exists due to a missing brute-force protection mechanism. A remote attacker can use an unlimited number of attempts to guess victim's password within an import dialog.
MitigationInstall updates from vendor's website.
Vulnerable software versionsCODESYS Development System: before 3.5.19.20
External linkshttp://cert.vde.com/en/advisories/VDE-2023-023
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Missing support for integrity check
EUVDB-ID: #VU79505
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-3663
CWE-ID:
CWE-353 - Missing Support for Integrity Check
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to missing integrity check on notification data within the LearnMoreAction function. An attacker on the local network can send specially crafted requests to the application and execute arbitrary code on the system.
Install updates from vendor's website.
Vulnerable software versionsCODESYS Development System: before 3.5.19.20
External linkshttp://cert.vde.com/en/advisories/VDE-2023-022/
http://www.zerodayinitiative.com/advisories/ZDI-23-1105/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
