Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-3670

In CODESYS Development System 3.5.9.0 to 3.5.17.0 and CODESYS Scripting 4.0.0.0 to 4.1.0.0 unsafe directory permissions would allow an attacker with local access to the workstation to place potentially harmful and disguised scripts that could be executed by legitimate users.

Published

2023-07-28T08:15:10.557

Last Modified

2024-11-21T08:17:48.067

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.3 (HIGH)

Weaknesses

Type: Primary
CWE-668

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	codesys	development_system	< 3.5.17.0	Yes
Application	codesys	scripting	< 4.1.0.0	Yes

References

https://cert.vde.com/en/advisories/VDE-2023-024 Third Party Advisory ([email protected])
https://cert.vde.com/en/advisories/VDE-2023-024 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)