After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37559
References
| Link | Resource |
|---|---|
| https://cert.vde.com/en/advisories/VDE-2023-019/ | Third Party Advisory |
| https://cert.vde.com/en/advisories/VDE-2023-019/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
21 Nov 2024, 08:11
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://cert.vde.com/en/advisories/VDE-2023-019/ - Third Party Advisory |
08 Aug 2023, 15:43
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:codesys:control_rte_sl_\(for_beckhoff_cx\):*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:safety_sil2:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_for_empc-a\/imx6_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:* cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:* |
|
| CWE | NVD-CWE-noinfo | |
| References | (MISC) https://cert.vde.com/en/advisories/VDE-2023-019/ - Third Party Advisory | |
| First Time |
Codesys control Rte Sl
Codesys control For Pfc100 Sl Codesys control For Plcnext Sl Codesys control Win Sl Codesys control Runtime System Toolkit Codesys control For Raspberry Pi Sl Codesys Codesys control For Wago Touch Panels 600 Sl Codesys control For Beaglebone Sl Codesys control For Linux Sl Codesys safety Sil2 Codesys hmi Codesys control For Iot2000 Sl Codesys development System Codesys control For Pfc200 Sl Codesys control Rte Sl \(for Beckhoff Cx\) Codesys control For Empc-a\/imx6 Sl |
03 Aug 2023, 12:40
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-08-03 12:15
Updated : 2024-11-21 08:11
NVD link : CVE-2023-37558
Mitre link : CVE-2023-37558
CVE.ORG link : CVE-2023-37558
JSON object : View
Products Affected
codesys
- control_for_iot2000_sl
- control_for_linux_sl
- control_for_beaglebone_sl
- control_for_raspberry_pi_sl
- control_for_plcnext_sl
- control_win_sl
- control_for_pfc100_sl
- control_runtime_system_toolkit
- development_system
- safety_sil2
- control_for_empc-a\/imx6_sl
- hmi
- control_rte_sl_\(for_beckhoff_cx\)
- control_for_wago_touch_panels_600_sl
- control_for_pfc200_sl
- control_rte_sl
CWE