Vulnerabilities > CVE-2022-31805 - Unprotected Transport of Credentials vulnerability in Codesys products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

codesys

CWE-523

NVD

Published: 2022-06-24

Updated: 2023-05-09

Summary

In the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between clients and servers unprotected.

Vulnerable Configurations

Part	Description	Count
Application	Codesys Codesys Runtime Toolkit - Codesys Runtime Toolkit 2.4.7.54 Codesys Plcwinnt - Codesys Plcwinnt 2.4.7.54 Codesys Plchandler 3.0 Codesys Plchandler 3.5.14.0 Codesys Plchandler 3.5.17.0 Codesys OPC Server 3.0 Codesys OPC Server 3.5.14.0 Codesys OPC Server 3.5.17.0 Codesys Edge Gateway - Codesys Edge Gateway 3.0 Codesys Edge Gateway 3.5.16.70 Codesys Edge Gateway 3.5.17.0 Codesys HMI SL 3.0 Codesys HMI SL 3.5.10.0 Codesys HMI SL 3.5.10.10 Codesys HMI SL 3.5.10.20 Codesys HMI SL 3.5.10.30 Codesys HMI SL 3.5.10.40 Codesys HMI SL 3.5.10.50 Codesys HMI SL 3.5.10.60 Codesys HMI SL 3.5.10.70 Codesys HMI SL 3.5.11.0 Codesys HMI SL 3.5.11.10 Codesys HMI SL 3.5.11.20 Codesys HMI SL 3.5.11.30 Codesys HMI SL 3.5.11.40 Codesys HMI SL 3.5.11.50 Codesys HMI SL 3.5.11.60 Codesys HMI SL 3.5.12.0 Codesys HMI SL 3.5.12.10 Codesys HMI SL 3.5.12.20 Codesys HMI SL 3.5.12.30 Codesys HMI SL 3.5.12.40 Codesys HMI SL 3.5.12.50 Codesys HMI SL 3.5.12.70 Codesys HMI SL 3.5.13.0 Codesys HMI SL 3.5.13.10 Codesys HMI SL 3.5.13.20 Codesys HMI SL 3.5.13.30 Codesys HMI SL 3.5.14.0 Codesys HMI SL 3.5.16.0 Codesys SP Realtime NT - Codesys SP Realtime NT 2.3.7.28 Codesys WEB Server * Codesys Gateway - Codesys Development System *	48

Common Weakness Enumeration (CWE)

CWE-523 - Unprotected Transport of Credentials

Common Attack Pattern Enumeration and Classification (CAPEC)

Session Sidejacking
Session sidejacking takes advantage of an unencrypted communication channel between a victim and target system. The attacker sniffs traffic on a network looking for session tokens in unencrypted traffic. Once a session token is captured, the attacker performs malicious actions by using the stolen token with the targeted application to impersonate the victim. This attack is a specific method of session hijacking, which is exploiting a valid session token to gain unauthorized access to a target system or information. Other methods to perform a session hijacking are session fixation, cross-site scripting, or compromising a user or server machine and stealing the session token.

References

https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17140&token=6aa2c5c4a8b83b8b09936fefed5b0b11f9d2cc6c&download=

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

Related news

References