PT-2020-19360 · 3S Smart Software Solutions · Codesys Control V3+2

Published

2020-01-24

Updated

2021-07-21

CVE-2020-7052

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions CODESYS Control V3 versions prior to 3.5.15.30 CODESYS Gateway V3 versions prior to 3.5.15.30 CODESYS HMI V3 versions prior to 3.5.15.30

Description The issue allows for uncontrolled memory allocation, which can result in a remote denial of service condition.

Recommendations For CODESYS Control V3 versions prior to 3.5.15.30, update to version 3.5.15.30 or later. For CODESYS Gateway V3 versions prior to 3.5.15.30, update to version 3.5.15.30 or later. For CODESYS HMI V3 versions prior to 3.5.15.30, update to version 3.5.15.30 or later.

Exploit

Fix

Allocation of Resources Without Limits

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-770

Related Identifiers

CVE-2020-7052

Affected Products

Codesys Control V3

Codesys Gateway V3

Codesys Hmi V3

PT-2020-19360 · 3S Smart Software Solutions · Codesys Control V3+2

CVE-2020-7052

Weakness Enumeration

Related Identifiers

Affected Products

References · 4