CVE-2024-41975

Summary

An unauthenticated remote attacker can gain limited information of the PLC network but the user management of the PLCs prevents the actual access to the PLCs.

Affected Software

VendorProductVersion RangeStatus
CODESYSCODESYS Edge Gateway0 < 3.5.21.0affected
CODESYSCODESYS Gateway for Windows0 < 3.5.21.0affected

Weaknesses

  • CWE-1188: CWE-1188 Insecure Default Initialization of Resource

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References