CODESYS Control runtime system before 3.5.16.10 Allocation of Resources Without Limits or Throttling Vulnerability

Summary

Visualization masks created in CODESYS are displayed with the help of some components of the CODESYS Control runtime system, which process the requests to display it on the screen. Specifically crafted requests sent to the CODESYS Control runtime system can allocate step-by-step arbitrary amounts of memory, causing the system to run out of memory and possibly crash.

Credit:

The information has been provided by Vendor

The original article can be found at:https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=13199&token=3e283c3e73fed61f7c181a7fa1169477efaf0c58&download=


Details

CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Memory Allocation.

 

Vulnerable Systems:

CODESYS Control runtime system before 3.5.16.10

 

CVE Information:

CVE-2020-15806

 

Disclosure Timeline:
Published Date:7/22/2020

Categories: News