CISA has published an advisory on path traversal and stack-based buffer overflow vulnerabilities in 3S-Smart Software Solutions GmbH CODESYS V3 web server. Numerous products and versions of these products are affected. Successful exploitation of these vulnerabilities may allow an attacker to create a denial-of-service condition, to perform remote code execution, or to access restricted files. 3S-Smart Software Solutions GmbH has released Versions 3.5.12.80, 3.5.14.10, and 3.5.15.0 to resolve the vulnerabilities for the affected CODESYS products. CISA also recommends a series of measures for mitigating the vulnerabilities. Read the advisory at CISA.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!