CVE-2023-3670

Codesys: Vulnerability in CODESYS Development System and CODESYS Scripting

CVSS 7.3 HIGHEPSS 0.2%CWE-668

In CODESYS Development System 3.5.9.0 to 3.5.17.0 and CODESYS Scripting 4.0.0.0 to 4.1.0.0 unsafe directory permissions would allow an attacker with local access to the workstation to place potentially harmful and disguised scripts that could be executed by legitimate users.

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Productos afectados

CODESYS · CODESYS Development System CODESYS · CODESYS Scripting

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://cert.vde.com/en/advisories/VDE-2023-024