CVE-2012-6068
critical
CVSS v3
9.8
CVSS v2
10.0
VIR risk
9.8
Description
The Runtime Toolkit in CODESYS Runtime System 2.3.x and 2.4.x does not require authentication, which allows remote attackers to execute commands via the command-line interface in the TCP listener service or transfer files via requests to the TCP listener service.
Predictions
Exploit likelihood
97%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: ics-cert@hq.dhs.gov — http://www.codesys.com/news-events/press-releases/detail/article/sicherheitsluecke-in-codesys-v23-laufzeitsystem.html
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| 3s-software | codesys_runtime_system | 2.3.9.8 | |
| 3s-software | codesys_runtime_system | 2.3.9.35 | |
| 3s-software | codesys_runtime_system | 2.3.9.36 | |
| 3s-software | codesys_runtime_system | 2.3.9.37 | |
| 3s-software | codesys_runtime_system | 2.4.0 | |
References
- http://www.codesys.com/news-events/press-releases/detail/article/sicherheitsluecke-in-codesys-v23-laufzeitsystem.html
- http://www.digitalbond.com/tools/basecamp/3s-codesys/
- https://us.codesys.com/ecosystem/security/
- https://www.cisa.gov/news-events/ics-advisories/icsa-13-011-01
- https://www.cisa.gov/news-events/ics-advisories/icsa-14-084-01
- http://ics-cert.us-cert.gov/advisories/ICSA-14-084-01
- http://www.codesys.com/news-events/press-releases/detail/article/sicherheitsluecke-in-codesys-v23-laufzeitsystem.html
- http://www.digitalbond.com/tools/basecamp/3s-codesys/
- http://www.us-cert.gov/control_systems/pdf/ICSA-13-011-01.pdf
CWEs
CWE-284 CWE-264
Verify integrity in audit chain (admin only). AS-IS.