This week we have one vendor disclosure from 3S.
CODESYS Advisory
3S published an
advisory [.PDF download link] describing an uncontrolled resource
allocation vulnerability in the CODESYS V3 products containing communication servers
for the CODESYS communication protocol. The vulnerability was reported [NOTE:
includes proof of concept code] by Tenable. 3S has a new version that mitigates
the vulnerability.
3S notes that a relatively low-skilled attacker could
remotely exploit this vulnerability with publicly available exploit code to
cause a denial-of-service condition.
Posts
No comments:
Post a Comment