#VU16610 Use of insufficiently random values in CODESYS Client/Desktop applications


Published: 2018-12-18 | Updated: 2018-12-19

Vulnerability identifier: #VU16610

Vulnerability risk: Low

CVSSv3.1: 8.2 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-20025

CWE-ID: CWE-330

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
CODESYS Simulation Runtime
Client/Desktop applications / Other client software
CODESYS Development System
Client/Desktop applications / Other client software
CODESYS PLCHandler SDK
Client/Desktop applications / Other client software
CODESYS OPC Server
Client/Desktop applications / Other client software
CODESYS HMI
Client/Desktop applications / Other client software
CODESYS Gateway
Client/Desktop applications / Other client software
CODESYS Safety SIL2
Client/Desktop applications / Other client software
CODESYS Remote Target Visu Toolkit
Client/Desktop applications / Other client software
CODESYS Embedded Target Visu Toolkit
Client/Desktop applications / Other client software
CODESYS Control Runtime System Toolkit
Client/Desktop applications / Other client software
CODESYS Control Win
Client/Desktop applications / Other client software
CODESYS Control RTE
Client/Desktop applications / Other client software
CODESYS Control for Raspberry Pi
Client/Desktop applications / Other client software
CODESYS Control for PFC200
Client/Desktop applications / Other client software
CODESYS Control for PFC100
Client/Desktop applications / Other client software
CODESYS Control for Linux
Client/Desktop applications / Other client software
CODESYS Control for IOT2000
Client/Desktop applications / Other client software
CODESYS Control for emPC-A/iMX6
Client/Desktop applications / Other client software
CODESYS Control for BeagleBone
Client/Desktop applications / Other client software

Vendor: CODESYS

Description

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The vulnerability exists due to weak random values. A remote unauthenticated attacker can bypass security restrictions to affect the confidentiality and integrity of data stored on the device.

Mitigation
Install update from vendor's website.

Vulnerable software versions

CODESYS Simulation Runtime: All versions

CODESYS Development System: All versions

CODESYS PLCHandler SDK: All versions

CODESYS OPC Server: All versions

CODESYS HMI: All versions

CODESYS Gateway: All versions

CODESYS Safety SIL2: All versions

CODESYS Remote Target Visu Toolkit: All versions

CODESYS Embedded Target Visu Toolkit: All versions

CODESYS Control Runtime System Toolkit: All versions

CODESYS Control Win: All versions

CODESYS Control RTE: All versions

CODESYS Control for Raspberry Pi: All versions

CODESYS Control for PFC200: All versions

CODESYS Control for PFC100: All versions

CODESYS Control for Linux: All versions

CODESYS Control for IOT2000: All versions

CODESYS Control for emPC-A/iMX6: All versions

CODESYS Control for BeagleBone: All versions

External links
http://www.codesys.com/security/security-reports.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in CODESYS Control Products