https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=12938&token=b9eb30f53246dc57b2e7cb302356a05547148fa2&download=

https://www.us-cert.gov/ics/advisories/icsa-19-213-03

The 3S CODESYS Runtime environment running on the remote host is affected by multiple vulnerabilities:

  - The CODESYS Gateway does not correctly verify the ownership of a communication channel. (CVE-2019-9010)

  - A crafted communication request may cause uncontrolled memory allocations in the affected CODESYS products     and may result in a denial-of-service condition. (CVE-2019-9012)

  - The application may utilize non-TLS based encryption, which results in user credentials being     insufficiently protected during transport. (CVE-2019-9013)

Note that Nessus has not tested for the issue but has instead relied only on the application's self-reported version number.

A denial of service (DoS) vulnerability exists in CODESYS Gateway V3 due to improper validation of user-supplied data. An unauthenticated, remote attacker can exploit this issue, via a specially crafted request, to cause the gateway to stop responding.

ID	Name	Product	Family	Severity
134977	3S CODESYS Runtime 3.x < 3.5.14.20 Multiple Vulnerabilities	Nessus	SCADA	critical
130430	CODESYS Gateway V3 DoS	Nessus	SCADA	high

CVE-2019-9012

high

Tenable Plugins

critical

high