CVE-2012-6068
9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
The Runtime Toolkit in CODESYS Runtime System 2.3.x and 2.4.x does not require authentication, which allows remote attackers to execute commands via the command-line interface in the TCP listener service or transfer files via requests to the TCP listener service.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| 3S-Smart Software Solutions | CODESYS Control Runtime embedded | 0 < 2.3.2.8 | affected |
| 3S-Smart Software Solutions | CODESYS Control Runtime full | 0 < 2.4.7.40 | affected |
| 3S-Smart Software Solutions | CODESYS Control RTE | 0 < 2.3.7.17 | affected |
| Festo | CECX-X-C1 Modular Master Controller with CoDeSys | All | affected |
| Festo | CECX-X-M1 Modular Controller with CoDeSys and SoftMotion | All | affected |
| 3S-Smart Software Solutions | CoDeSys | 3.X | unaffected |
Weaknesses
- CWE-284: CWE-284
Workarounds
3S also recommends the usage of standard security methods like firewalls or virtual private network (VPN) access to prevent unauthorized access to the controller.
ADP Enrichment
CVE Program Container
Additional References
- http://www.codesys.com/news-events/press-releases/detail/article/sicherheitsluecke-in-codesys-v23-laufzeitsystem.html
- http://ics-cert.us-cert.gov/advisories/ICSA-14-084-01
- http://www.digitalbond.com/tools/basecamp/3s-codesys/
- http://www.us-cert.gov/control_systems/pdf/ICSA-13-011-01.pdf
References
- http://www.codesys.com/news-events/press-releases/detail/article/sicherheitsluecke-in-codesys-v23-laufzeitsystem.html
- https://www.cisa.gov/news-events/ics-advisories/icsa-13-011-01
- http://www.digitalbond.com/tools/basecamp/3s-codesys/
- https://www.cisa.gov/news-events/ics-advisories/icsa-14-084-01
- https://us.codesys.com/ecosystem/security/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.