Vulnerability CVE-2023-3663
Published: 2023-08-03

Description:
In CODESYS Development System versions from 3.5.11.20 and before 3.5.19.20 a missing integrity check might allow an unauthenticated remote attacker to manipulate the content of notifications received via HTTP by the CODESYS notification server.

Type:

CWE-345

 (Insufficient Verification of Data Authenticity)

 References:
https://cert.vde.com/en/advisories/VDE-2023-022/
Copyright 2024, cxsecurity.com

 

Back to Top