CVE-2018-25048

Summary

The CODESYS runtime system in multiple versions allows an remote low privileged attacker to use a path traversal vulnerability to access and modify all system files as well as DoS the device.

Affected Software

VendorProductVersion RangeStatus
CODESYSControl for BeagleBone3.0.0.0 < 3.5.12.30affected
CODESYSControl for emPC-A/iMX63.0.0.0 < 3.5.12.30affected
CODESYSControl for IOT20003.0.0.0 < 3.5.12.30affected
CODESYSControl for PFC1003.0.0.0 < 3.5.12.30affected
CODESYSControl for PFC2003.0.0.0 < 3.5.12.30affected
CODESYSControl for Raspberry Pi3.0.0.0 < 3.5.12.30affected
CODESYSControl RTE V3 (all variants)3.0.0.0 < 3.5.12.30affected
CODESYSControl Win V3 (all variants)3.0.0.0 < 3.5.12.30affected
CODESYSV3 Simulation Runtime (part of the CODESYS Development System)3.0.0.0 < 3.5.12.30affected
CODESYSHMI V3 (all variants)3.0.0.0 < 3.5.12.30affected
CODESYSV3 Remote Target Visu (all variants)3.0.0.0 < 3.5.12.30affected
CODESYSControl V3 Runtime System Toolkit3.0.0.0 < 3.5.12.30affected
CODESYSV3 Embedded Target Visu Toolkit3.0.0.0 < 3.5.12.30affected
CODESYSV3 Remote Target Visu Toolkit3.0.0.0 < 3.5.12.30affected
CODESYSRuntime Toolkit 32 bit embedded2.0.0.0 < 2.3.2.10affected
CODESYSRuntime Toolkit 32 bit full2.0.0.0 < 2.4.7.52affected
CODESYSRuntime PLCWinNT2.0.0.0 < 2.4.7.52affected

Weaknesses

  • CWE-22: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References