CODESYS Runtime 'plclinux_rt' Multiple Authentication Bypass Vulnerabilities



CODESYS Runtime is prone to multiple authentication-bypass vulnerabilities.

An attacker can exploit these issues to bypass the authentication mechanism and perform unauthorized actions. This may lead to further attacks.

Information

Bugtraq ID: 102113
Class: Access Validation Error
CVE:
Remote: Yes
Local: No
Published: Nov 30 2017 12:00AM
Updated: Dec 11 2017 01:11PM
Credit: T. Weber (Office Vienna) of SEC Consult Vulnerability Lab.
Vulnerable: WAGO WAGO PFC200 02.07.07(10)
WAGO WAGO PFC200 0
3S-Smart Software Solutions GmbH CODESYS Control Runtime Toolkit 2.4.7.0


Not Vulnerable:

Exploit


The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.


Related Posts

Comments