PT-2024-6449 · 3S Smart Software Solutions · Codesys Control

Villu164

Published

2024-09-24

Updated

2024-09-26

CVE-2024-8175

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions CODESYS Control (affected versions not specified)

Description The issue is related to insufficient checking of unusual or exceptional states in the CODESYS web server, which can be exploited by a remote attacker to cause a denial of service (DoS) by sending a specially crafted TLS packet. This can lead to the web server accessing invalid memory, resulting in a DoS.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Check for Exceptional Conditions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-754

Related Identifiers

BDU:2024-07535

CVE-2024-8175

Affected Products

Codesys Control

PT-2024-6449 · 3S Smart Software Solutions · Codesys Control

CVE-2024-8175

Weakness Enumeration

Related Identifiers

Affected Products

References · 9