Improper Communication Address Filtering exists in CODESYS V3 products versions prior V3.5.14.0.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Control_for_beaglebone_sl | Codesys | 3.0 (including) | 3.5.14.0 (excluding) |
| Control_for_empc-a/imx6_sl | Codesys | 3.0 (including) | 3.5.14.0 (excluding) |
| Control_for_iot2000_sl | Codesys | 3.0 (including) | 3.5.14.0 (excluding) |
| Control_for_linux_sl | Codesys | 3.0 (including) | 3.5.14.0 (excluding) |
| Control_for_pfc100_sl | Codesys | 3.0 (including) | 3.5.14.0 (excluding) |
| Control_for_pfc200_sl | Codesys | 3.0 (including) | 3.5.14.0 (excluding) |
| Control_for_raspberry_pi_sl | Codesys | 3.0 (including) | 3.5.14.0 (excluding) |
| Control_rte_sl | Codesys | 3.0 (including) | 3.5.14.0 (excluding) |
| Control_rte_sl_(for_beckhoff_cx) | Codesys | 3.0 (including) | 3.5.14.0 (excluding) |
| Control_runtime_toolkit | Codesys | 3.0 (including) | 3.5.14.0 (excluding) |
| Control_win_sl | Codesys | 3.0 (including) | 3.5.14.0 (excluding) |
| Development_system_v3 | Codesys | 3.0 (including) | 3.5.14.0 (excluding) |
| Gateway | Codesys | 3.0 (including) | 3.5.14.0 (excluding) |
| Hmi_sl | Codesys | 3.0 (including) | 3.5.14.0 (excluding) |
| Opc_server | Codesys | 3.0 (including) | 3.5.14.0 (excluding) |
| Plchandler | Codesys | 3.0 (including) | 3.5.14.0 (excluding) |
| Safety_sil2 | Codesys | 3.0 (including) | 3.5.14.0 (excluding) |
| Targetvisu_sl | Codesys | 3.0 (including) | 3.5.14.0 (excluding) |
References
- http://www.securityfocus.com/bid/106251
- https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-036-codesys-control-v3-improper-communication-address-filtering/
- https://ics-cert.us-cert.gov/advisories/ICSA-18-352-04
- http://www.securityfocus.com/bid/106251
- https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-036-codesys-control-v3-improper-communication-address-filtering/
- https://ics-cert.us-cert.gov/advisories/ICSA-18-352-04