Stack-based buffer overflow in CODESYS products - CVE-2019-13548
Published: September 13, 2019
Vulnerability identifier: #VU21103
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2019-13548
CWE-ID: CWE-121
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: CODESYS
Affected software:
CODESYS V3 Remote Target Visu Toolkit
CODESYS V3 Embedded Target Visu Toolkit
CODESYS Control V3 Runtime System Toolkit
CODESYS HMI V3
CODESYS Control Win V3 (part of the CODESYS Development System setup)
CODESYS Control RTE V3 (for Beckhoff CX)
CODESYS Control RTE V3
CODESYS Control for Raspberry Pi
CODESYS Control for PFC200
CODESYS Control for PFC100
CODESYS Control for Linux
CODESYS Control for IOT2000
CODESYS Control for emPC-A/iMX6
CODESYS Control for BeagleBone
CODESYS firmware
CODESYS V3 Remote Target Visu Toolkit
CODESYS V3 Embedded Target Visu Toolkit
CODESYS Control V3 Runtime System Toolkit
CODESYS HMI V3
CODESYS Control Win V3 (part of the CODESYS Development System setup)
CODESYS Control RTE V3 (for Beckhoff CX)
CODESYS Control RTE V3
CODESYS Control for Raspberry Pi
CODESYS Control for PFC200
CODESYS Control for PFC100
CODESYS Control for Linux
CODESYS Control for IOT2000
CODESYS Control for emPC-A/iMX6
CODESYS Control for BeagleBone
CODESYS firmware
Detailed vulnerability description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the CODESYS V3 web server. A remote unauthenticated attacker can send a specially crafted HTTP or HTTPS request, trigger stack-based buffer overflow and cause a denial-of-service condition or execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
How to mitigate CVE-2019-13548
Install updates from vendor's website.