CVE-2023-6357 - Vulnerability Details - OpenCVE

A low-privileged remote attacker could exploit the vulnerability and inject additional system commands via file system libraries which could give the attacker full control of the device.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00284.

Key SSVC decision points have not yet been added.

Vendors	Products
Codesys	Control For Beaglebone Sl Control For Empc-a\/imx6 Control For Iot2000 Sl Control For Linux Arm Sl Control For Linux Sl Control For Pfc100 Sl Control For Pfc200 Sl Control For Plcnext Sl Control For Raspberry Pi Sl Control For Wago Touch Panels 600 Sl Runtime Toolkit

Configuration 1 [-]

OR	cpe:2.3:a:codesys:control_for_beaglebone_sl::::::::
	cpe:2.3:a:codesys:control_for_empc-a\/imx6::::::::
	cpe:2.3:a:codesys:control_for_iot2000_sl::::::::
	cpe:2.3:a:codesys:control_for_linux_arm_sl::::::::
	cpe:2.3:a:codesys:control_for_linux_sl::::::::
	cpe:2.3:a:codesys:control_for_pfc100_sl::::::::
	cpe:2.3:a:codesys:control_for_pfc200_sl::::::::
	cpe:2.3:a:codesys:control_for_plcnext_sl::::::::
	cpe:2.3:a:codesys:control_for_raspberry_pi_sl::::::::
	cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl::::::::
	cpe:2.3:a:codesys:runtime_toolkit::::::::

No data.

No data.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://cert.vde.com/en/advisories/VDE-2023-066
https://https://cert.vde.com/en/advisories/VDE-2023-066

History

No history.

MITRE

Status: PUBLISHED

Assigner: CERTVDE

Published: 2023-12-05T14:29:25.649Z

Updated: 2024-08-02T08:28:21.783Z

Reserved: 2023-11-28T07:20:59.774Z

Link: CVE-2023-6357

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-12-05T15:15:08.983

Modified: 2024-11-21T08:43:41.900

Link: CVE-2023-6357

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-6357", "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "state": "PUBLISHED", "assignerShortName": "CERTVDE", "dateReserved": "2023-11-28T07:20:59.774Z", "datePublished": "2023-12-05T14:29:25.649Z", "dateUpdated": "2024-08-02T08:28:21.783Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "CODESYS Control for BeagleBone SL", "vendor": "CODESYS", "versions": [{"lessThan": "4.11.0.0", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "CODESYS Control for emPC-A/iMX6 SL", "vendor": "CODESYS", "versions": [{"lessThan": "4.11.0.0", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "CODESYS Control for IOT2000 SL", "vendor": "CODESYS", "versions": [{"lessThan": "4.11.0.0", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "CODESYS Control for Linux ARM SL", "vendor": "CODESYS", "versions": [{"lessThan": "4.11.0.0", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "CODESYS Control for Linux SL", "vendor": "CODESYS", "versions": [{"lessThan": "4.11.0.0", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "CODESYS Control for PFC100 SL", "vendor": "CODESYS", "versions": [{"lessThan": "4.11.0.0", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "CODESYS Control for PFC200 SL", "vendor": "CODESYS", "versions": [{"lessThan": "4.11.0.0", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "CODESYS Control for PLCnext SL", "vendor": "CODESYS", "versions": [{"lessThan": "4.11.0.0", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "CODESYS Control for Raspberry Pi SL", "vendor": "CODESYS", "versions": [{"lessThan": "4.11.0.0", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "CODESYS Control for WAGO Touch Panels 600 SL", "vendor": "CODESYS", "versions": [{"lessThan": "4.11.0.0", "status": "affected", "version": "0", "versionType": "semver"}]}, {"defaultStatus": "unaffected", "product": "CODESYS Runtime Toolkit for Linux or QNX", "vendor": "CODESYS", "versions": [{"lessThan": "3.5.19.50", "status": "affected", "version": "0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Chuya Hayakawa of 00One, Inc."}], "datePublic": "2023-12-05T14:25:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A low-privileged remote attacker could exploit the vulnerability and inject additional system commands via file system libraries which could give the attacker full control of the device."}], "value": "A low-privileged remote attacker could exploit the vulnerability and inject additional system commands via file system libraries which could give the attacker full control of the device."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "shortName": "CERTVDE", "dateUpdated": "2023-12-05T14:29:25.649Z"}, "references": [{"url": "https://https://cert.vde.com/en/advisories/VDE-2023-066"}], "source": {"advisory": "VDE-2023-066", "defect": ["CERT@VDE#64623"], "discovery": "UNKNOWN"}, "title": "OS Command Injection in multiple CODESYS products", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:28:21.783Z"}, "title": "CVE Program Container", "references": [{"url": "https://https://cert.vde.com/en/advisories/VDE-2023-066", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*", "matchCriteriaId": "DEFEF3B4-03F2-4E09-A8F2-02A0604CB8BF", "versionEndExcluding": "4.11.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:codesys:control_for_empc-a\\/imx6:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2DB55B1-CAFE-435B-8776-DB4D33ED9C98", "versionEndExcluding": "4.11.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*", "matchCriteriaId": "7D492DB3-94BA-4F14-8119-1610AB4F95EE", "versionEndExcluding": "4.11.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:codesys:control_for_linux_arm_sl:*:*:*:*:*:*:*:*", "matchCriteriaId": "97D00DF9-EBF1-4DEC-8A49-694871643B9F", "versionEndExcluding": "4.11.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*", "matchCriteriaId": "D6F207B6-5906-4B39-A5B4-A07F6D5A9BB9", "versionEndExcluding": "4.11.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*", "matchCriteriaId": "7791D9E4-CEC3-4658-8E2C-8F08882CE4F4", "versionEndExcluding": "4.11.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*", "matchCriteriaId": "9CADE021-8D58-4BC5-BA60-A16FE24FBA73", "versionEndExcluding": "4.11.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*", "matchCriteriaId": "B3948946-E7B8-4D7E-8D1D-80B9E0DB47AF", "versionEndExcluding": "4.11.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*", "matchCriteriaId": "7C9DF443-E965-4480-B76E-4A25CF2E714F", "versionEndExcluding": "4.11.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*", "matchCriteriaId": "F5FCD76E-A3F5-4E02-AD3F-B2BDE708A651", "versionEndExcluding": "4.11.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:codesys:runtime_toolkit:*:*:*:*:*:*:*:*", "matchCriteriaId": "162DB2B8-3426-43F7-848A-BE542C24619C", "versionEndExcluding": "3.5.19.50", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A low-privileged remote attacker could exploit the vulnerability and inject additional system commands via file system libraries which could give the attacker full control of the device."}, {"lang": "es", "value": "Un atacante remoto con pocos privilegios podr\u00eda aprovechar la vulnerabilidad e inyectar comandos adicionales del sistema a trav\u00e9s de librer\u00edas del sistema de archivos que podr\u00edan darle al atacante el control total del dispositivo."}], "id": "CVE-2023-6357", "lastModified": "2024-11-21T08:43:41.900", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "info@cert.vde.com", "type": "Secondary"}]}, "published": "2023-12-05T15:15:08.983", "references": [{"source": "info@cert.vde.com", "tags": ["Broken Link"], "url": "https://https://cert.vde.com/en/advisories/VDE-2023-066"}, {"source": "nvd@nist.gov", "tags": ["Mitigation", "Third Party Advisory"], "url": "https://cert.vde.com/en/advisories/VDE-2023-066"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "https://https://cert.vde.com/en/advisories/VDE-2023-066"}], "sourceIdentifier": "info@cert.vde.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "info@cert.vde.com", "type": "Secondary"}]}