This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.SCADA_CODESYS_CVE-2019-9012.NBINCODESYS Gateway V3 DoS
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.8 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.002 Low
EPSS
Percentile
52.6%
A denial of service (DoS) vulnerability exists in CODESYS Gateway V3 due to improper validation of user-supplied data. An unauthenticated, remote attacker can exploit this issue, via a specially crafted request, to cause the gateway to stop responding.
Binary data scada_codesys_cve-2019-9012.nbin| Vendor | Product | Version | CPE |
|---|---|---|---|
| 3s-software | codesys_gateway-server | cpe:/a:3s-software:codesys_gateway-server |
Related
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.8 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.002 Low
EPSS
Percentile
52.6%