Advisories

For CVSS 2.0, 3.0 and 3.2
VDE-2023-021
Aug. 3, 2023, 12:48 PM

CODESYS: Vulnerability in CODESYS Development System allows execution of binaries

The CODESYS Development System is vulnerable to the execution of malicious binaries from the current working directory.
CVE-2023-3662
VDE-2023-019
Aug. 3, 2023, 12:42 PM

CODESYS: Multiple Vulnerabilities in CmpApp CmpAppBP and CmpAppForce

CODESYS Control V3 runtime systems are affected by several security vulnerabilities in the communication server implementations for the CODESYS protocol. These may be exploited by authenticated attackers.
CVE-2023-37545
CVE-2023-37546
CVE-2023-37547
CVE-2023-37548
CVE-2023-37549
CVE-2023-37550
CVE-2023-37551
CVE-2023-37552
CVE-2023-37553
CVE-2023-37554
CVE-2023-37555
CVE-2023-37556
CVE-2023-37557
CVE-2023-37558
CVE-2023-37559
VDE-2023-024
July 28, 2023, 9:45 AM

CODESYS: Vulnerability in CODESYS Development System and CODESYS Scripting

In CODESYS Development System 3.5.9.0 to 3.5.17.0 and CODESYS Scripting 4.0.0.0 to 4.1.0.0 unsafe directory permissions would allow an attacker with local access to the workstation to place potentially harmful …
CVE-2023-3670