CVE-2023-3669

Name of the Vulnerable Software and Affected Versions CODESYS Development System versions prior to 3.5.19.20

Description The issue is related to a missing Brute-Force protection in the CODESYS Development System, which allows a local attacker to have unlimited attempts at guessing the password within an import dialog. This is due to insufficient limitation of authentication attempts.

Recommendations For versions prior to 3.5.19.20, update to version 3.5.19.20 or later to resolve the issue. As a temporary workaround, consider restricting access to the import dialog to minimize the risk of exploitation.