First published: Thu Aug 03 2023(Updated: )
A missing Brute-Force protection in CODESYS Development System prior to 3.5.19.20 allows a local attacker to have unlimited attempts of guessing the password within an import dialog.
Credit: info@cert.vde.com info@cert.vde.com
Affected Software | Affected Version | How to fix |
---|---|---|
CODESYS Development System | <3.5.19.20 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2023-3669.
The severity of CVE-2023-3669 is low, with a severity value of 3.3.
The CODESYS Development System prior to version 3.5.19.20 is affected by CVE-2023-3669.
The impact of CVE-2023-3669 is that a local attacker can have unlimited attempts to guess the password within an import dialog.
To mitigate CVE-2023-3669, it is recommended to update to version 3.5.19.20 of the CODESYS Development System or later.