CVE-2023-37545 – CODESYS: Improper Input Validation in CmpApp component
https://notcve.org/view.php?id=CVE-2023-37545
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37546, CVE-2023-37547, CVE-2023-37548, CVE-2023-37549, CVE-2023-37550 • https://cert.vde.com/en/advisories/VDE-2023-019 • CWE-20: Improper Input Validation •
CVE-2023-3662 – CODESYS: Vulnerability in CODESYS Development System allows for execution of binaries
https://notcve.org/view.php?id=CVE-2023-3662
In CODESYS Development System versions from 3.5.17.0 and prior to 3.5.19.20 a vulnerability allows for execution of binaries from the current working directory in the users context . • https://cert.vde.com/en/advisories/VDE-2023-021 • CWE-427: Uncontrolled Search Path Element •
CVE-2023-3663 – CODESYS: Missing integrity check in CODESYS Development System
https://notcve.org/view.php?id=CVE-2023-3663
In CODESYS Development System versions from 3.5.11.20 and before 3.5.19.20 a missing integrity check might allow an unauthenticated remote attacker to manipulate the content of notifications received via HTTP by the CODESYS notification server. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of CODESYS Development System. Authentication is not required to exploit this vulnerability. The specific flaw exists within the LearnMoreAction function. The issue results from a missing integrity check on notification data. An attacker can leverage this vulnerability to execute code in the context of the current user. • https://cert.vde.com/en/advisories/VDE-2023-022 • CWE-345: Insufficient Verification of Data Authenticity CWE-940: Improper Verification of Source of a Communication Channel •
CVE-2023-3670 – Codesys: Vulnerability in CODESYS Development System and CODESYS Scripting
https://notcve.org/view.php?id=CVE-2023-3670
In CODESYS Development System 3.5.9.0 to 3.5.17.0 and CODESYS Scripting 4.0.0.0 to 4.1.0.0 unsafe directory permissions would allow an attacker with local access to the workstation to place potentially harmful and disguised scripts that could be executed by legitimate users. This vulnerability allows local attackers to escalate privileges on affected installations of CODESYS Development System. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of python scripts. The issue results from the lack of resource separation between control spheres. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the Administrator. • https://cert.vde.com/en/advisories/VDE-2023-024 • CWE-668: Exposure of Resource to Wrong Sphere •
CVE-2022-4224 – CODESYS: Exposure of Resource to Wrong Sphere in CODESYS V3
https://notcve.org/view.php?id=CVE-2022-4224
In multiple products of CODESYS v3 in multiple versions a remote low privileged user could utilize this vulnerability to read and modify system files and OS resources or DoS the device. • https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17553&token=cf49757d232ea8021f0c0dd6c65e71ea5942b12d&download= • CWE-1188: Initialization of a Resource with an Insecure Default •