← Back to home
ICSA-23-236-03  ·  Published 2023-08-24  ·  View on CISA ICS-CERT ↗

CODESYS Development System

CVSS 7.3 HIGH

Risk Summary

Successful exploitation of this vulnerability could cause users to unknowingly launch a malicious binary placed by a local attacker.

CVEs (1)

Remediations

  • CODESYS recommends users update the CODESYS Development System to version 3.5.19.20.
  • The CODESYS Development System can be downloaded and installed directly with the CODESYS Installer or be downloaded from the CODESYS Store.
  • Alternatively, users may find further information on obtaining the software update in the (CODESYS Update area.)[https://www.codesys.com/download/]
  • For more information, please see the advisory CERT@VDE published for CODESYS at: (https://cert.vde.com/en-us/advisories/vde-2023-021)[https://cert.vde.com/en-us/advisories/vde-2023-021]

Affected Vendors

CODESYS, GmbH

Affected Products (1)

CODESYS, GmbH · CODESYS Development System >= 3.5.17.0 | < 3.5.19.20

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more