Lucene search
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.SCADA_CODESYS_RUNTIME_3_5_14_20.NBINHistoryMar 30, 2020 - 12:00 a.m.
3S CODESYS Runtime 3.x < 3.5.14.20 Multiple Vulnerabilities
2020-03-3000:00:00
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
35
The 3S CODESYS Runtime environment running on the remote host is affected by multiple vulnerabilities:
-
The CODESYS Gateway does not correctly verify the ownership of a communication channel. (CVE-2019-9010)
-
A crafted communication request may cause uncontrolled memory allocations in the affected CODESYS products and may result in a denial-of-service condition. (CVE-2019-9012)
-
The application may utilize non-TLS based encryption, which results in user credentials being insufficiently protected during transport. (CVE-2019-9013)
Note that Nessus has not tested for the issue but has instead relied only on the application’s self-reported version number.
Binary data scada_codesys_runtime_3_5_14_20.nbin| Vendor | Product | Version | CPE |
|---|---|---|---|
| 3s-software | codesys_runtime_system | cpe:/a:3s-software:codesys_runtime_system |
Related
ics
ics
3S-Smart Software Solutions GmbH CODESYS V3
2019-08-01 12:00:00
3S-Smart Software Solutions GmbH CODESYS V3 (Update A)
2020-05-14 12:00:00
prion
prion
Design/Logic Flaw
2019-08-15 18:15:00
Design/Logic Flaw
2019-08-15 18:15:00
Design/Logic Flaw
2019-08-15 17:15:00
cvelist
cvelist
nessus
nessus
CODESYS Gateway V3 DoS
2019-10-31 00:00:00
cve
cve
mssecure
mssecure
mmpc
mmpc
thn
thn
16 New CODESYS SDK Flaws Expose OT Environments to Remote Attacks
2023-08-11 05:20:00
Related for SCADA_CODESYS_RUNTIME_3_5_14_20.NBIN