Default Access and Communication Vulnerability in CODESYS Control V3 Products

Default Access and Communication Vulnerability in CODESYS Control V3 Products

CVE-2018-10612 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

In 3S-Smart Software Solutions GmbH CODESYS Control V3 products prior to version 3.5.14.0, user access management and communication encryption is not enabled by default, which could allow an attacker access to the device and sensitive information, including user credentials.

Learn more about our User Device Pen Test.