{
  "document": {
    "acknowledgments": [
      {
        "organization": "CERT@VDE",
        "summary": "coordination",
        "urls": [
          "https://certvde.com"
        ]
      },
      {
        "organization": "Trend Micro Zero Day Initiative",
        "summary": "reporting"
      },
      {
        "summary": "Summoning Team (@SummoningTeam) working with Trend Micro Zero Day Initiative for reporting",
        "organization": "Summoning Team",
        "names": [
          "Sina Kheirkhah"
        ]
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-GB",
    "notes": [
      {
        "category": "description",
        "text": "Please consult CODESYS Security Advisory 2023-09 for more details.",
        "title": "Impact"
      },
      {
        "category": "description",
        "text": "Update CODESYS Development System to version 3.5.17.0.\n\nUpdate CODESYS Scripting to version 4.1.0.0.\n\nCODESYS Scripting 4.1.0.0 can be downloaded and installed directly with the CODESYS Installer; it requires CODESYS Development System 3.5.17.0 to be installed first.\n\nAlternatively, you can visit the CODESYS update area for more information on how to obtain the software update.",
        "title": "Remediation"
      },
      {
        "text": "In CODESYS Development System versions 3.5.9.0 up to (but not including) 3.5.17.0 and CODESYS Scripting versions 4.0.0.0 up to (but not including) 4.1.0.0, unsafe directory permissions allow an attacker with local access to the workstation to place potentially harmful and disguised scripts that could later be executed by legitimate users.",
        "title": "Summary",
        "category": "summary"
      }
    ],
    "publisher": {
      "contact_details": "security@codesys.com",
      "name": "CODESYS GmbH",
      "namespace": "https://www.codesys.com",
      "category": "vendor"
    },
    "references": [
      {
        "category": "self",
        "summary": "VDE-2023-024: CODESYS: Vulnerability in CODESYS Development System and CODESYS Scripting - HTML",
        "url": "https://certvde.com/en/advisories/VDE-2023-024/"
      },
      {
        "category": "self",
        "summary": "VDE-2023-024: CODESYS: Vulnerability in CODESYS Development System and CODESYS Scripting - CSAF",
        "url": "https://codesys.csaf-tp.certvde.com/.well-known/csaf/white/2023/vde-2023-024.json"
      },
      {
        "category": "external",
        "summary": "Vendor PSIRT",
        "url": "https://www.codesys.com"
      },
      {
        "category": "external",
        "summary": "CERT@VDE Security Advisories for CODESYS GmbH",
        "url": "https://certvde.com/en/advisories/vendor/codesys/"
      }
    ],
    "title": "CODESYS: Vulnerability in CODESYS Development System and CODESYS Scripting",
    "tracking": {
      "aliases": [
        "VDE-2023-024"
      ],
      "current_release_date": "2023-07-28T07:45:00.000Z",
      "generator": {
        "date": "2025-06-25T05:46:38.448Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.28"
        }
      },
      "id": "VDE-2023-024",
      "initial_release_date": "2023-07-28T07:45:00.000Z",
      "revision_history": [
        {
          "date": "2023-07-28T07:45:00.000Z",
          "number": "1.0.0",
          "summary": "Initial revision."
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "name": "CODESYS",
        "category": "vendor",
        "branches": [
          {
            "name": "Hardware",
            "category": "product_family",
            "branches": [
              {
                "name": "CODESYS Development System",
                "category": "product_name",
                "product": {
                  "name": "CODESYS Development System",
                  "product_id": "CSAFPID-11001"
                }
              },
              {
                "name": "CODESYS Scripting",
                "category": "product_name",
                "product": {
                  "name": "CODESYS Scripting",
                  "product_id": "CSAFPID-11002"
                }
              }
            ]
          },
          {
            "name": "Firmware",
            "category": "product_family",
            "branches": [
              {
                "name": "3.5.9.0<3.5.17.0",
                "category": "product_version_range",
                "product": {
                  "name": "Firmware 3.5.9.0<3.5.17.0",
                  "product_id": "CSAFPID-21001"
                }
              },
              {
                "name": "4.0.0.0<4.1.0.0",
                "category": "product_version_range",
                "product": {
                  "name": "Firmware 4.0.0.0<4.1.0.0",
                  "product_id": "CSAFPID-21002"
                }
              },
              {
                "name": "3.5.17.0",
                "category": "product_version",
                "product": {
                  "name": "Firmware 3.5.17.0",
                  "product_id": "CSAFPID-22001"
                }
              },
              {
                "name": "4.1.0.0",
                "category": "product_version",
                "product": {
                  "name": "Firmware 4.1.0.0",
                  "product_id": "CSAFPID-22002"
                }
              }
            ]
          }
        ]
      }
    ],
    "product_groups": [
      {
        "group_id": "CSAFGID-0001",
        "product_ids": [
          "CSAFPID-31001",
          "CSAFPID-31002"
        ],
        "summary": "Affected products."
      },
      {
        "group_id": "CSAFGID-0002",
        "product_ids": [
          "CSAFPID-32001",
          "CSAFPID-32002"
        ],
        "summary": "Fixed products."
      }
    ],
    "relationships": [
      {
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11001",
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 3.5.9.0<3.5.17.0 installed on CODESYS Development System",
          "product_id": "CSAFPID-31001"
        }
      },
      {
        "product_reference": "CSAFPID-21002",
        "relates_to_product_reference": "CSAFPID-11002",
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 4.0.0.0<4.1.0.0 installed on CODESYS Scripting",
          "product_id": "CSAFPID-31002"
        }
      },
      {
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11001",
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 3.5.17.0 installed on CODESYS Development System",
          "product_id": "CSAFPID-32001"
        }
      },
      {
        "product_reference": "CSAFPID-22002",
        "relates_to_product_reference": "CSAFPID-11002",
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 4.1.0.0 installed on CODESYS Scripting",
          "product_id": "CSAFPID-32002"
        }
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-3670",
      "cwe": {
        "id": "CWE-668",
        "name": "Exposure of Resource to Wrong Sphere"
      },
      "notes": [
        {
          "category": "description",
          "text": "In CODESYS Development System versions 3.5.9.0 up to (but not including) 3.5.17.0 and CODESYS Scripting versions 4.0.0.0 up to (but not including) 4.1.0.0, unsafe directory permissions allow an attacker with local access to the workstation to place potentially harmful and disguised scripts that could later be executed by legitimate users.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update CODESYS Development System to version 3.5.17.0.\n\nUpdate CODESYS Scripting to version 4.1.0.0.\n\nCODESYS Scripting 4.1.0.0 can be downloaded and installed directly with the CODESYS Installer; it requires CODESYS Development System 3.5.17.0 to be installed first.\n\nAlternatively, you can visit the CODESYS update area for more information on how to obtain the software update.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 7.3,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 7.3,
            "temporalSeverity": "HIGH",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002"
          ]
        }
      ],
      "title": "CVE-2023-3670"
    }
  ]
}