← back
CVE-2018-10612

CVE-2018-10612

EPSS 1.3%CWE-284
In 3S-Smart Software Solutions GmbH CODESYS Control V3 products prior to version 3.5.14.0, user access management and communication encryption is not enabled by default, which could allow an attacker access to the device and sensitive information, including user credentials.
Affected products
3S-Smart · 3S-Smart Software Solutions GmbH CODESYS Control V3 products prior to version 3.5.14.0

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://ics-cert.us-cert.gov/advisories/ICSA-18-352-03http://www.securityfocus.com/bid/106248