#VU19622 Memory leak in CODESYS products - CVE-2019-9012

Cybersecurity Help s.r.o.

Published: 2019-08-02 | Updated: 2019-08-02

Vulnerability identifier: #VU19622

Vulnerability risk: Medium

CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2019-9012

CWE-ID: CWE-401

Exploitation vector: Local network

Exploit availability: No

Vendor: CODESYS

Description

The vulnerability allows a remote attacker to perform DoS attack.

The vulnerability exists due memory leak within the CmpGateway component when processing network traffic. A remote attacker can send specially crafted packets to the affected application and perform denial of service attack.

Mitigation
3S-Smart Software Solutions GmbH has released 3.5.14.20 and 3.5.15.0 versions to address this vulnerability.

Vulnerable software versions

CODESYS Development System: All versions

CODESYS Gateway: All versions

CODESYS Control Runtime System Toolkit: All versions

CODESYS Control for Raspberry Pi: All versions

CODESYS Control for PFC200: All versions

CODESYS Control for PFC100: All versions

CODESYS Control for Linux: All versions

CODESYS Control for IOT2000: All versions

CODESYS Control for emPC-A/iMX6: All versions

CODESYS Control for BeagleBone: All versions

CODESYS firmware: 3.5.3.0 - 3.5.14.10

External links
https://ics-cert.us-cert.gov/advisories/icsa-19-213-03
https://www.codesys.com/fileadmin/data/customers/security/2019/Advisory2019-03_CDS-64208.pdf

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in 3S-Smart Software Solutions GmbH CODESYS V3 solutions