UPDATE 29.02.2024: Removed "This version is planned for January 2024." from Solution as the updated version is released.
On CODESYS Control runtimes running on Linux or QNX operating systems, successfully authenticated PLC programmers can utilize SysFile or CAA-File system libraries to inject calls to additional shell functions.
The Builder and Viewer components of the product PASvisu are based on the 3rd-party-component Electron. Electron contains several other open-source components which are affected by vulnerabilities. The vulnerabilities may enable an attacker to gain full control over the system. The vulnerabilities can be exploited locally or over the network.
The Library WagoAppRTU which is part of the Wago Telecontrol Configurator is prone to improper input validation. By sending specifically crafted MMS packets an attacker can trigger a denial-of-service condition.
Several CODESYS setups contain and install vulnerable versions of the WIBU CodeMeter Runtime.
Several Pilz products use the 3rd-party component “libwebp” for decoding of images in WebP format. This component is affected by a vulnerability, which may enable an attacker to gain full control over the system running the software product. Depending on the affected product, the vulnerabilities can be exploited locally or over the network.
An attacker with privileges can enumerate projects and usernames through an iterative process, by making a request to a specific endpoint.