Vulnerabilities > CVE-2019-9009 - Improper Handling of Exceptional Conditions vulnerability in Codesys products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

codesys

CWE-755

NVD

Published: 2019-09-17

Updated: 2022-01-01

Summary

An issue was discovered in 3S-Smart CODESYS before 3.5.15.0 . Crafted network packets cause the Control Runtime to crash.

Vulnerable Configurations

Part	Description	Count
Application	Codesys Codesys Gateway - Codesys Gateway 3.0 Codesys Gateway 3.5.8.60 Codesys Gateway 3.5.14.0 Codesys Gateway 3.5.14.20 Codesys HMI - Codesys HMI 3.0 Codesys HMI 3.5.10.0 Codesys HMI 3.5.10.10 Codesys HMI 3.5.10.20 Codesys HMI 3.5.10.30 Codesys HMI 3.5.10.30. Codesys HMI 3.5.10.40 Codesys HMI 3.5.10.50 Codesys HMI 3.5.10.60 Codesys HMI 3.5.10.70 Codesys HMI 3.5.11.0 Codesys HMI 3.5.11.10 Codesys HMI 3.5.11.20 Codesys HMI 3.5.11.30 Codesys HMI 3.5.11.40 Codesys HMI 3.5.11.50 Codesys HMI 3.5.11.60 Codesys HMI 3.5.12.0 Codesys HMI 3.5.12.10 Codesys HMI 3.5.12.20 Codesys HMI 3.5.12.30 Codesys HMI 3.5.12.40 Codesys HMI 3.5.12.50 Codesys HMI 3.5.12.70 Codesys HMI 3.5.12.80 Codesys HMI 3.5.13.0 Codesys HMI 3.5.13.10 Codesys HMI 3.5.13.20 Codesys HMI 3.5.13.30 Codesys HMI 3.5.13.40 Codesys HMI 3.5.14.0 Codesys HMI 3.5.14.10 Codesys HMI 3.5.14.20 Codesys HMI 3.5.14.30 Codesys HMI 3.5.14.40 Codesys Simulation Runtime - Codesys Simulation Runtime 3.0 Codesys Simulation Runtime 3.0.0.0 Codesys Simulation Runtime 3.5.9.40 Codesys Simulation Runtime 3.5.11.60 Codesys Simulation Runtime 3.5.12.0 Codesys Simulation Runtime 3.5.12.10 Codesys Simulation Runtime 3.5.12.30 Codesys Simulation Runtime 3.5.12.70 Codesys Simulation Runtime 3.5.13.0 Codesys Simulation Runtime 3.5.13.10 Codesys Simulation Runtime 3.5.13.20 Codesys Simulation Runtime 3.5.13.30 Codesys Simulation Runtime 3.5.14.0 Codesys Simulation Runtime 3.5.14.10 Codesys Simulation Runtime 3.5.14.20 Codesys Simulation Runtime 3.5.14.30 Codesys Simulation Runtime 3.5.14.40 Codesys Safety Sil2 - Codesys Safety Sil2 3.0 Codesys Safety Sil2 3.5.14.0 Codesys Control FOR Beaglebone - Codesys Control FOR Beaglebone 3.0.0.0 Codesys Control FOR Beaglebone 3.5.10.0 Codesys Control FOR Beaglebone 3.5.10.20 Codesys Control FOR Beaglebone 3.5.10.30 Codesys Control FOR Beaglebone 3.5.11.0 Codesys Control FOR Beaglebone 3.5.11.10 Codesys Control FOR Beaglebone 3.5.11.20 Codesys Control FOR Beaglebone 3.5.11.50 Codesys Control FOR Beaglebone 3.5.11.60 Codesys Control FOR Beaglebone 3.5.12.0 Codesys Control FOR Beaglebone 3.5.12.10 Codesys Control FOR Beaglebone 3.5.12.30 Codesys Control FOR Beaglebone 3.5.12.70 Codesys Control FOR Beaglebone 3.5.13.0 Codesys Control FOR Beaglebone 3.5.13.20 Codesys Control FOR Beaglebone 3.5.13.30 Codesys Control FOR Beaglebone 3.5.14.0 Codesys Control FOR Beaglebone 3.5.14.10 Codesys Control FOR Empc A/Imx6 - Codesys Control FOR Empc A/Imx6 3.0.0.0 Codesys Control FOR Empc A/Imx6 3.5.10.0 Codesys Control FOR Empc A/Imx6 3.5.10.20 Codesys Control FOR Empc A/Imx6 3.5.11.0 Codesys Control FOR Empc A/Imx6 3.5.11.10 Codesys Control FOR Empc A/Imx6 3.5.11.20 Codesys Control FOR Empc A/Imx6 3.5.11.50 Codesys Control FOR Empc A/Imx6 3.5.11.60 Codesys Control FOR Empc A/Imx6 3.5.12.0 Codesys Control FOR Empc A/Imx6 3.5.12.10 Codesys Control FOR Empc A/Imx6 3.5.12.30 Codesys Control FOR Empc A/Imx6 3.5.12.70 Codesys Control FOR Empc A/Imx6 3.5.13.0 Codesys Control FOR Empc A/Imx6 3.5.13.20 Codesys Control FOR Empc A/Imx6 3.5.13.30 Codesys Control FOR Empc A/Imx6 3.5.14.0 Codesys Control FOR Empc A/Imx6 3.5.14.10 Codesys Control FOR Iot2000 - Codesys Control FOR Iot2000 3.0.0.0 Codesys Control FOR Iot2000 3.5.11.0 Codesys Control FOR Iot2000 3.5.11.10 Codesys Control FOR Iot2000 3.5.11.20 Codesys Control FOR Iot2000 3.5.11.50 Codesys Control FOR Iot2000 3.5.11.60 Codesys Control FOR Iot2000 3.5.12.0 Codesys Control FOR Iot2000 3.5.12.10 Codesys Control FOR Iot2000 3.5.12.30 Codesys Control FOR Iot2000 3.5.12.70 Codesys Control FOR Iot2000 3.5.13.0 Codesys Control FOR Iot2000 3.5.13.20 Codesys Control FOR Iot2000 3.5.13.30 Codesys Control FOR Iot2000 3.5.14.0 Codesys Control FOR Iot2000 3.5.14.10 Codesys Control FOR Pfc100 - Codesys Control FOR Pfc100 3.0.0.0 Codesys Control FOR Pfc100 3.5.11.0 Codesys Control FOR Pfc100 3.5.11.10 Codesys Control FOR Pfc100 3.5.11.20 Codesys Control FOR Pfc100 3.5.11.50 Codesys Control FOR Pfc100 3.5.11.60 Codesys Control FOR Pfc100 3.5.12.0 Codesys Control FOR Pfc100 3.5.12.10 Codesys Control FOR Pfc100 3.5.12.30 Codesys Control FOR Pfc100 3.5.12.40 Codesys Control FOR Pfc100 3.5.12.70 Codesys Control FOR Pfc100 3.5.13.0 Codesys Control FOR Pfc100 3.5.13.20 Codesys Control FOR Pfc100 3.5.13.30 Codesys Control FOR Pfc100 3.5.14.0 Codesys Control FOR Pfc100 3.5.14.10 Codesys Control FOR Pfc200 - Codesys Control FOR Pfc200 3.0.0.0 Codesys Control FOR Pfc200 3.5.10.0 Codesys Control FOR Pfc200 3.5.10.20 Codesys Control FOR Pfc200 3.5.11.0 Codesys Control FOR Pfc200 3.5.11.10 Codesys Control FOR Pfc200 3.5.11.20 Codesys Control FOR Pfc200 3.5.11.50 Codesys Control FOR Pfc200 3.5.11.60 Codesys Control FOR Pfc200 3.5.12.0 Codesys Control FOR Pfc200 3.5.12.10 Codesys Control FOR Pfc200 3.5.12.30 Codesys Control FOR Pfc200 3.5.12.40 Codesys Control FOR Pfc200 3.5.12.70 Codesys Control FOR Pfc200 3.5.13.0 Codesys Control FOR Pfc200 3.5.13.10 Codesys Control FOR Pfc200 3.5.13.20 Codesys Control FOR Pfc200 3.5.13.30 Codesys Control FOR Pfc200 3.5.14.0 Codesys Control FOR Pfc200 3.5.14.10 Codesys Control FOR Pfc200 3.5.14.20 Codesys Control FOR Pfc200 3.5.14.30 Codesys Control FOR Pfc200 3.5.14.40 Codesys Control FOR Raspberry PI - Codesys Control FOR Raspberry PI 3.0.0.0 Codesys Control FOR Raspberry PI 3.5.10.0 Codesys Control FOR Raspberry PI 3.5.10.20 Codesys Control FOR Raspberry PI 3.5.11.0 Codesys Control FOR Raspberry PI 3.5.11.10 Codesys Control FOR Raspberry PI 3.5.11.20 Codesys Control FOR Raspberry PI 3.5.11.50 Codesys Control FOR Raspberry PI 3.5.11.60 Codesys Control FOR Raspberry PI 3.5.12.0 Codesys Control FOR Raspberry PI 3.5.12.10 Codesys Control FOR Raspberry PI 3.5.12.30 Codesys Control FOR Raspberry PI 3.5.12.70 Codesys Control FOR Raspberry PI 3.5.13.0 Codesys Control FOR Raspberry PI 3.5.13.20 Codesys Control FOR Raspberry PI 3.5.13.30 Codesys Control FOR Raspberry PI 3.5.14.0 Codesys Control FOR Raspberry PI 3.5.14.10 Codesys Control FOR Raspberry PI 3.5.14.20 Codesys Control FOR Raspberry PI 3.5.14.30 Codesys Control FOR Raspberry PI 3.5.14.40 Codesys Control RTE - Codesys Control RTE 3.0 Codesys Control RTE 3.0.0.0 Codesys Control RTE 3.5.8.60 Codesys Control RTE 3.5.9.40 Codesys Control RTE 3.5.9.50 Codesys Control RTE 3.5.9.60 Codesys Control RTE 3.5.9.70 Codesys Control RTE 3.5.10.0 Codesys Control RTE 3.5.10.10 Codesys Control RTE 3.5.10.20 Codesys Control RTE 3.5.10.40 Codesys Control RTE 3.5.10.50 Codesys Control RTE 3.5.10.60 Codesys Control RTE 3.5.10.95 Codesys Control RTE 3.5.11.0 Codesys Control RTE 3.5.11.10 Codesys Control RTE 3.5.11.20 Codesys Control RTE 3.5.11.30 Codesys Control RTE 3.5.11.40 Codesys Control RTE 3.5.11.42 Codesys Control RTE 3.5.11.50 Codesys Control RTE 3.5.11.60 Codesys Control RTE 3.5.12.0 Codesys Control RTE 3.5.12.1 Codesys Control RTE 3.5.12.10 Codesys Control RTE 3.5.12.20 Codesys Control RTE 3.5.12.30 Codesys Control RTE 3.5.12.40 Codesys Control RTE 3.5.12.50 Codesys Control RTE 3.5.12.60 Codesys Control RTE 3.5.12.70 Codesys Control RTE 3.5.12.80 Codesys Control RTE 3.5.13.0 Codesys Control RTE 3.5.13.10 Codesys Control RTE 3.5.13.20 Codesys Control RTE 3.5.13.30 Codesys Control RTE 3.5.13.40 Codesys Control RTE 3.5.14.0 Codesys Control RTE 3.5.14.10 Codesys Control RTE 3.5.14.20 Codesys Control RTE 3.5.14.30 Codesys Control RTE 3.5.14.40 Codesys Control WIN - Codesys Control WIN 3.0 Codesys Control WIN 3.0.0.0 Codesys Control WIN 3.5.9.80 Codesys Control WIN 3.5.12.30 Codesys Control WIN 3.5.12.80 Codesys Linux 3.5.11.0 Codesys Runtime System Toolkit 2.0.0.0 Codesys Runtime System Toolkit 2.4.7.52 Codesys Runtime System Toolkit 3.5.11.0	234

Common Weakness Enumeration (CWE)

CWE-755 - Improper Handling of Exceptional Conditions

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References