Lucene search
HistoryJan 21, 2013 - 9:55 p.m.
CVE-2012-6068
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.1 High
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
75.7%
The Runtime Toolkit in CODESYS Runtime System 2.3.x and 2.4.x does not require authentication, which allows remote attackers to (1) execute commands via the command-line interface in the TCP listener service or (2) transfer files via requests to the TCP listener service.
Affected configurations
Node
3s-softwarecodesys_runtime_systemMatch2.3.9.8
OR3s-softwarecodesys_runtime_systemMatch2.3.9.35
OR3s-softwarecodesys_runtime_systemMatch2.3.9.36
OR3s-softwarecodesys_runtime_systemMatch2.3.9.37
Node
3s-softwarecodesys_runtime_systemMatch2.4.0
Related
cve
cve
CVE-2012-6068
2013-01-21 21:55:01
cvelist
cvelist
CVE-2012-6068
2013-01-21 21:00:00
prion
prion
Authentication flaw
2013-01-21 21:55:00
ics
ics
3S CoDeSys (Update A)
2020-09-24 12:00:00
Festo CECX-X-(C1/M1) Controller Vulnerabilities
2018-09-06 12:00:00
openvas
openvas
CODESYS Multiple Vulnerabilities (Oct 2012) - Active Check
2012-10-29 00:00:00
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.1 High
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
75.7%
Related for NVD:CVE-2012-6068