{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T13:31:54.772","vulnerabilities":[{"cve":{"id":"CVE-2018-25048","sourceIdentifier":"info@cert.vde.com","published":"2023-03-23T11:15:12.730","lastModified":"2024-11-21T04:03:26.283","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The CODESYS runtime system in multiple versions allows an remote low privileged attacker to use a path traversal vulnerability to access and modify all system files as well as DoS the device."}],"metrics":{"cvssMetricV31":[{"source":"info@cert.vde.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"info@cert.vde.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_for_beaglebone:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0.0","versionEndExcluding":"3.5.12.30","matchCriteriaId":"B29080C3-A6D8-40D6-8C24-177C00FA27F0"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_for_empc-a\\/imx6:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0.0","versionEndExcluding":"3.5.12.30","matchCriteriaId":"B980C936-557F-4F14-A692-165129625A62"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_for_iot2000:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0.0","versionEndExcluding":"3.5.12.30","matchCriteriaId":"D282ECAB-FA07-4A81-8F43-AC46A08422D4"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_for_pfc100:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0.0","versionEndExcluding":"3.5.12.30","matchCriteriaId":"AC1C508C-6817-42E7-9B4C-CDCAC7477304"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_for_pfc200:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0.0","versionEndExcluding":"3.5.12.30","matchCriteriaId":"C1ECCA6D-3F95-4924-9CC6-7315B1608217"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_for_raspberry_pi:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0.0","versionEndExcluding":"3.5.12.30","matchCriteriaId":"093C888E-8328-45E9-882C-39D7FBE8E251"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_rte:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0.0","versionEndExcluding":"3.5.12.30","matchCriteriaId":"4E767B6C-7762-4F3C-A8B0-BEC9C1C238D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_v3_runtime_system_toolkit:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0.0","versionEndExcluding":"3.5.12.30","matchCriteriaId":"2DDCE092-30E5-43FB-A20F-A712DFD7B1C3"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_win:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0.0","versionEndExcluding":"3.5.12.30","matchCriteriaId":"A47EA342-7BDA-4707-9A23-142126C407C1"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:embedded_target_visu_toolkit:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0","versionEndExcluding":"3.5.12.30","matchCriteriaId":"A0FE0CC3-99BF-46BF-907D-E8F2785310BB"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0","versionEndExcluding":"3.5.12.30","matchCriteriaId":"157E617E-7432-464A-AEC4-29D3806FA2D2"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:remote_target_visu_toolkit:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0","versionEndExcluding":"3.5.12.30","matchCriteriaId":"D95B012B-C9B0-4E2A-934B-3ECDE463722E"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:runtime_plcwinnt:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0.0.0","versionEndExcluding":"2.4.7.52","matchCriteriaId":"8931A117-72B6-4B1C-BF56-E7925D07A790"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:runtime_system_toolkit:*:*:*:*:*:*:x86:*","versionStartIncluding":"2.0.0.0","versionEndExcluding":"2.4.7.52","matchCriteriaId":"46335A20-A1BF-4E5B-BB1D-B7A4AFF6DB08"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:runtime_system_toolkit:3.5.15.0:*:*:*:*:*:*:*","matchCriteriaId":"7A3A8DFF-705F-4562-87CE-E899C5DC2D18"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:simulation_runtime:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0.0","versionEndExcluding":"3.5.12.30","matchCriteriaId":"9DD3AD40-BEE7-428D-B1F0-1349E10A9DD5"}]}]}],"references":[{"url":"https://customers.codesys.com/fileadmin/data/customers/security/2018/Advisory2018-04_CDS-59017.pdf","source":"info@cert.vde.com","tags":["Not Applicable"]},{"url":"https://customers.codesys.com/fileadmin/data/customers/security/2018/Advisory2018-04_CDS-59017.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]}]}}]}