7.5

CVE-2019-9009

An issue was discovered in 3S-Smart CODESYS before 3.5.15.0 . Crafted network packets cause the Control Runtime to crash.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CodesysControl For Beaglebone Version < 3.5.15.0
CodesysControl For Empc-a/imx6 Version < 3.5.15.0
CodesysControl For Iot2000 Version < 3.5.15.0
CodesysControl For Pfc100 Version < 3.5.15.0
CodesysControl For Pfc200 Version < 3.5.15.0
CodesysControl For Raspberry Pi Version < 3.5.15.0
CodesysControl Rte Version < 3.5.15.0
CodesysControl Win Version < 3.5.15.0
CodesysGateway Version < 3.5.15.0
CodesysHmi Version < 3.5.15.0
CodesysLinux Version < 3.5.15.0
CodesysRuntime System Toolkit Version < 3.5.15.0
CodesysSafety Sil2 Version < 3.5.15.0
CodesysSimulation Runtime Version < 3.5.15.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.7% 0.742
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE-755 Improper Handling of Exceptional Conditions

The product does not handle or incorrectly handles an exceptional condition.

https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=12941&token=50fabe3870c7bdc41701eb1799dddeec103de40c&download=
Vendor Advisory
https://www.us-cert.gov/ics/advisories/icsa-19-255-05
Third Party Advisory
US Government Resource
Mitigation