{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-09T23:55:49.908","vulnerabilities":[{"cve":{"id":"CVE-2023-37557","sourceIdentifier":"info@cert.vde.com","published":"2023-08-03T12:15:10.797","lastModified":"2024-11-21T08:11:56.350","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted remote communication requests can cause the CmpAppBP component to overwrite a heap-based buffer, which can lead to a denial-of-service condition."},{"lang":"es","value":"Después de una autenticación exitosa como usuario en múltiples productos Codesys en múltiples versiones, solicitudes de comunicación remota diseñadas específicamente pueden hacer que el componente CmpAppBP sobrescriba un desbordamiento de búfer, lo que puede conducir a una condición de denegación de servicio."}],"metrics":{"cvssMetricV31":[{"source":"info@cert.vde.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"info@cert.vde.com","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*","versionEndExcluding":"4.10.0.0","matchCriteriaId":"80D9DB34-C2BD-441F-B8D9-02EFA27BECD8"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_for_empc-a\\/imx6_sl:*:*:*:*:*:*:*:*","versionEndExcluding":"4.10.0.0","matchCriteriaId":"49AA0C0C-F2F2-4F11-9615-FDCA6BC410B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*","versionEndExcluding":"4.10.0.0","matchCriteriaId":"74FE662F-5397-4CB7-9243-1E6ED0AAEC29"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*","versionEndExcluding":"4.10.0.0","matchCriteriaId":"8896E77C-EB29-4CB9-BC98-D5A34791A961"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*","versionEndExcluding":"4.10.0.0","matchCriteriaId":"56101551-21ED-4409-9932-9EFA225AF20C"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*","versionEndExcluding":"4.10.0.0","matchCriteriaId":"C1239AA8-B094-4DA3-82B7-38F85B6C3940"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_for_plcnext_sl:*:*:*:*:*:*:*:*","versionEndExcluding":"4.10.0.0","matchCriteriaId":"BAA7FE72-41A0-42E7-8E66-9B4A50A5B08F"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*","versionEndExcluding":"4.10.0.0","matchCriteriaId":"C248B53C-3C09-4068-9E57-8F9A4D2B7AD0"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*","versionEndExcluding":"4.10.0.0","matchCriteriaId":"C7995687-1BCD-454D-8546-52B80B5F22B0"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_rte_sl:*:*:*:*:*:*:*:*","versionEndExcluding":"3.5.19.20","matchCriteriaId":"BAFC253D-32BC-4B9E-BDEE-CFFDCDBBE9FB"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_rte_sl_\\(for_beckhoff_cx\\):*:*:*:*:*:*:*:*","versionEndExcluding":"3.5.19.20","matchCriteriaId":"297D8781-B331-40B2-BD34-0041A316D5C8"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*","versionEndExcluding":"3.5.19.20","matchCriteriaId":"DA76230A-C7E7-4223-BAB7-4CDE8F5CB5DB"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*","versionEndExcluding":"3.5.19.20","matchCriteriaId":"09CC9B78-B3B4-4D49-9F23-DC5C80D52588"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*","versionEndExcluding":"3.5.19.20","matchCriteriaId":"ACDCB65A-1328-422D-99A0-1D0FFE9AC793"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*","versionEndExcluding":"3.5.19.20","matchCriteriaId":"81E2FE85-347D-42DE-9360-D5DB79AAD085"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesys:safety_sil2:*:*:*:*:*:*:*:*","versionEndExcluding":"3.5.19.20","matchCriteriaId":"A7DF2418-1EC1-4672-941E-098EBC9BDF4F"}]}]}],"references":[{"url":"https://cert.vde.com/en/advisories/VDE-2023-019/","source":"info@cert.vde.com","tags":["Third Party Advisory"]},{"url":"https://cert.vde.com/en/advisories/VDE-2023-019/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}