First published: Tue Jan 29 2019(Updated: )
In 3S-Smart Software Solutions GmbH CODESYS Control V3 products prior to version 3.5.14.0, user access management and communication encryption is not enabled by default, which could allow an attacker access to the device and sensitive information, including user credentials.
Credit: ics-cert@hq.dhs.gov
Affected Software | Affected Version | How to fix |
---|---|---|
Codesys Control For Beaglebone Sl | >=3.0<3.5.14.0 | |
Codesys Control For Empc-a\/imx6 Sl | >=3.0<3.5.14.0 | |
Codesys Control For Iot2000 Sl | >=3.0<3.5.14.0 | |
Codesys Control For Linux Sl | >=3.0<3.5.14.0 | |
Codesys Control For Pfc100 Sl | >=3.0<3.5.14.0 | |
Codesys Control For Pfc200 Sl | >=3.0<3.5.14.0 | |
Codesys Control For Raspberry Pi Sl | >=3.0<3.5.14.0 | |
Codesys Control Rte Sl | >=3.0<3.5.14.0 | |
Codesys Control Runtime Toolkit | >=3.0<3.5.14.0 | |
Codesys Control Win Sl | >=3.0<3.5.14.0 | |
CODESYS Development System V3 | >=3.0<3.5.14.0 | |
Codesys Hmi Sl | >=3.0<3.5.14.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-10612 is a vulnerability in 3S-Smart Software Solutions GmbH CODESYS Control V3 products.
CVE-2018-10612 has a severity rating of 9.8 (critical).
CVE-2018-10612 affects various CODESYS Control V3 products, including Codesys Control For Beaglebone Sl, Codesys Control For Empc-a/imx6 Sl, Codesys Control For Iot2000 Sl, Codesys Control For Linux Sl, Codesys Control For Pfc100 Sl, Codesys Control For Pfc200 Sl, Codesys Control For Raspberry Pi Sl, Codesys Control Rte Sl, Codesys Control Runtime Toolkit, Codesys Control Win Sl, CODESYS Development System V3, and Codesys Hmi Sl.
CVE-2018-10612 allows an attacker access to the device and sensitive information, including user credentials, due to user access management and communication encryption not being enabled by default.
To fix CVE-2018-10612, users should enable user access management and communication encryption in the affected CODESYS Control V3 products.