CVE-2023-5751 HIGH

CVE-2023-5751: CODESYS: Development system prone to DoS through exposure of resource to wrong sphere

Vendor Codesys
Product CODESYS Control Win (SL)
Weakness CWE-668
Published June 4, 2024
Last update August 2, 2024

CVSS base score

7.8/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

A local attacker with low privileges can read and modify any users files and cause a DoS in the working directory of the affected products due to exposure of resource to wrong sphere. 

Key dates

02Disclosure timeline

June 4, 2024 CVE published
August 2, 2024 Record updated