CVE-2023-3670

Codesys: Vulnerability in CODESYS Development System and CODESYS Scripting

CVSS 7.3 HIGHEPSS 0.2%CWE-668

In CODESYS Development System 3.5.9.0 to 3.5.17.0 and CODESYS Scripting 4.0.0.0 to 4.1.0.0 unsafe directory permissions would allow an attacker with local access to the workstation to place potentially harmful and disguised scripts that could be executed by legitimate users.

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Produtos afetados

CODESYS · CODESYS Development System CODESYS · CODESYS Scripting

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://cert.vde.com/en/advisories/VDE-2023-024