NULL pointer dereference in CODESYS Server applications

#VU21099 NULL pointer dereference in CODESYS Server applications

Published: 2019-09-13 | Updated: 2019-09-13

Vulnerability identifier: #VU21099

Vulnerability risk: Low

CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-13542

CWE-ID: CWE-476

Exploitation vector: Network

Exploit availability: No

Vendor: CODESYS

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error when processing requests. A remote authenticated attacker can send a specially crafted request from a trusted OPC UA client and perform a denial of service (DoS) attack.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

CODESYS Control Win V3 (part of the CODESYS Development System setup): All versions

CODESYS Control RTE V3: All versions

CODESYS Control RTE V3 (for Beckhoff CX): All versions

CODESYS Control for Raspberry Pi: All versions

CODESYS Control for PFC200: All versions

CODESYS Control for PFC100: All versions

CODESYS Control for Linux: All versions

CODESYS Control for IOT2000: All versions

CODESYS Control for emPC-A/iMX6: All versions

CODESYS Control for BeagleBone: All versions

CODESYS firmware: 3.5.11.0 - 3.5.14.40

External links
http://ics-cert.us-cert.gov/advisories/icsa-19-255-04

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

OpenSUSE Linux update for git

Gentoo update for Git

OpenSUSE Linux update for git

Amazon Linux AMI update for git

Multiple vulnerabilities in CODESYS products