An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS products by guessing a valid channel ID and injecting packets. This results in the communication channel to be closed.
The number of possible random values is smaller than needed by the product, making it more susceptible to brute force attacks.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Control_for_beaglebone_sl | Codesys | * | 4.5.0.0 (excluding) |
| Control_for_beckhoff_cx9020 | Codesys | * | 4.5.0.0 (excluding) |
| Control_for_empc-a/imx6_sl | Codesys | * | 4.5.0.0 (excluding) |
| Control_for_iot2000_sl | Codesys | * | 4.5.0.0 (excluding) |
| Control_for_linux_sl | Codesys | * | 4.5.0.0 (excluding) |
| Control_for_pfc100_sl | Codesys | * | 4.5.0.0 (excluding) |
| Control_for_pfc200_sl | Codesys | * | 4.5.0.0 (excluding) |
| Control_for_plcnext_sl | Codesys | * | 4.5.0.0 (excluding) |
| Control_for_raspberry_pi_sl | Codesys | * | 4.5.0.0 (excluding) |
| Control_for_wago_touch_panels_600_sl | Codesys | * | 4.5.0.0 (excluding) |
| Control_rte_sl | Codesys | * | 3.5.18.0 (excluding) |
| Control_rte_sl_(for_beckhoff_cx) | Codesys | * | 3.5.18.0 (excluding) |
| Control_runtime_system_toolkit | Codesys | * | 3.5.18.0 (excluding) |
| Control_win_sl | Codesys | * | 3.5.18.0 (excluding) |
| Development_system | Codesys | 3.0 (including) | 3.5.18.0 (excluding) |
| Edge_gateway | Codesys | * | 3.5.18.0 (excluding) |
| Edge_gateway | Codesys | * | 4.5.0.0 (excluding) |
| Embedded_target_visu_toolkit | Codesys | * | 3.5.18.0 (excluding) |
| Gateway | Codesys | * | 3.5.18.0 (excluding) |
| Hmi_sl | Codesys | * | 3.5.18.0 (excluding) |
| Remote_target_visu_toolkit | Codesys | * | 3.5.18.0 (excluding) |