Lucene search
CERTVDECVE-2023-3662HistoryAug 03, 2023 - 11:15 a.m.
CVE-2023-3662
2023-08-0311:15:09
CWE-427
CERTVDE
web.nvd.nist.gov
22
codesys
development system
vulnerability
cve-2023-3662
nvd
CVSS3
7.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
AI Score
7.1
Confidence
High
EPSS
0
Percentile
5.1%
In CODESYS Development System versions from 3.5.17.0 and prior to 3.5.19.20 a vulnerability allows for execution of binaries from the current working directory in the users context .
Affected configurations
Node
codesysdevelopment_systemRange3.5.17.0β3.5.19.20
| Vendor | Product | Version | CPE |
|---|---|---|---|
| codesys | development_system | * | cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "CODESYS Development System",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.19.20",
"status": "affected",
"version": "3.5.17.0",
"versionType": "semver"
}
]
}
]References
Related
prion
prion
Design/Logic Flaw
2023-08-03 11:15:00
ics
ics
βCODESYS Development System
2023-08-24 12:00:00
nvd
nvd
CVE-2023-3662
2023-08-03 11:15:09
cvelist
cvelist
CVSS3
7.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
AI Score
7.1
Confidence
High
EPSS
0
Percentile
5.1%
Related for CVE-2023-3662