Share: Email | Twitter

ID

VDE-2023-022

Published

2023-08-03 12:52 (CEST)

Last update

2023-08-03 12:52 (CEST)

Vendor(s)

CODESYS GmbH

Product(s)

Article No┬░ Product Name Affected Version(s)
CODESYS Development System 3.5.11.0 < 3.5.19.20

Summary

The Notification Center of the CODESYS Development System receives messages without ensuring that the message was not modified during transmission. This finally enables MITMs code execution when the user clicks the "Learn More" button.


Last Update:

Aug. 3, 2023, 12:52 p.m.

Weakness

Insufficient Verification of Data Authenticity  (CWE-345) 

Summary

In CODESYS Development System versions from 3.5.11.20 and before 3.5.19.20 a missing integrity check might allow an unauthenticated remote attacker to manipulate the content of notifications received via HTTP by the CODESYS notification server.


Solution

Update the CODESYS Development System to version 3.5.19.20.

The CODESYS Development System can be downloaded and installed directly with the CODESYS Installer or be downloaded from the CODESYS Store.

Alternatively, you will find further information on obtaining the software update in the CODESYS Update area

Reported by

This vulnerability was discovered by Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam) working with Trend Micro Zero Day Initiative.

Coordination done by CERT@VDE.