Vulnerability Details CVE-2018-20025
Use of Insufficiently Random Values exists in CODESYS V3 products versions prior V3.5.14.0.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.5%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- http://www.securityfocus.com/bid/106251
- https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-037-codesys-control-v3-use-of-insufficiently-random-values/
- https://ics-cert.us-cert.gov/advisories/ICSA-18-352-04
- http://www.securityfocus.com/bid/106251
- https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-037-codesys-control-v3-use-of-insufficiently-random-values/
- https://ics-cert.us-cert.gov/advisories/ICSA-18-352-04
Products affected by CVE-2018-20025
-
cpe:2.3:a:codesys:control_for_beaglebone_sl:3.0
-
cpe:2.3:a:codesys:control_for_beaglebone_sl:3.5.10.0
-
cpe:2.3:a:codesys:control_for_beaglebone_sl:3.5.10.20
-
cpe:2.3:a:codesys:control_for_beaglebone_sl:3.5.10.30
-
cpe:2.3:a:codesys:control_for_beaglebone_sl:3.5.11.0
-
cpe:2.3:a:codesys:control_for_beaglebone_sl:3.5.11.10
-
cpe:2.3:a:codesys:control_for_beaglebone_sl:3.5.11.20
-
cpe:2.3:a:codesys:control_for_beaglebone_sl:3.5.11.50
-
cpe:2.3:a:codesys:control_for_beaglebone_sl:3.5.11.60
-
cpe:2.3:a:codesys:control_for_beaglebone_sl:3.5.12.0
-
cpe:2.3:a:codesys:control_for_beaglebone_sl:3.5.12.10
-
cpe:2.3:a:codesys:control_for_beaglebone_sl:3.5.12.30
-
cpe:2.3:a:codesys:control_for_beaglebone_sl:3.5.12.70
-
cpe:2.3:a:codesys:control_for_beaglebone_sl:3.5.13.0
-
cpe:2.3:a:codesys:control_for_beaglebone_sl:3.5.13.20
-
cpe:2.3:a:codesys:control_for_beaglebone_sl:3.5.13.30
-
cpe:2.3:a:codesys:control_for_empc-a/imx6_sl:3.0
-
cpe:2.3:a:codesys:control_for_empc-a/imx6_sl:3.5.10.0
-
cpe:2.3:a:codesys:control_for_empc-a/imx6_sl:3.5.10.20
-
cpe:2.3:a:codesys:control_for_empc-a/imx6_sl:3.5.11.0
-
cpe:2.3:a:codesys:control_for_empc-a/imx6_sl:3.5.11.10
-
cpe:2.3:a:codesys:control_for_empc-a/imx6_sl:3.5.11.20
-
cpe:2.3:a:codesys:control_for_empc-a/imx6_sl:3.5.11.50
-
cpe:2.3:a:codesys:control_for_empc-a/imx6_sl:3.5.11.60
-
cpe:2.3:a:codesys:control_for_empc-a/imx6_sl:3.5.12.0
-
cpe:2.3:a:codesys:control_for_empc-a/imx6_sl:3.5.12.10
-
cpe:2.3:a:codesys:control_for_empc-a/imx6_sl:3.5.12.30
-
cpe:2.3:a:codesys:control_for_empc-a/imx6_sl:3.5.12.70
-
cpe:2.3:a:codesys:control_for_empc-a/imx6_sl:3.5.13.0
-
cpe:2.3:a:codesys:control_for_empc-a/imx6_sl:3.5.13.20
-
cpe:2.3:a:codesys:control_for_empc-a/imx6_sl:3.5.13.30
-
cpe:2.3:a:codesys:control_for_iot2000_sl:3.0
-
cpe:2.3:a:codesys:control_for_iot2000_sl:3.5.11.0
-
cpe:2.3:a:codesys:control_for_iot2000_sl:3.5.11.10
-
cpe:2.3:a:codesys:control_for_iot2000_sl:3.5.11.20
-
cpe:2.3:a:codesys:control_for_iot2000_sl:3.5.11.50
-
cpe:2.3:a:codesys:control_for_iot2000_sl:3.5.11.60
-
cpe:2.3:a:codesys:control_for_iot2000_sl:3.5.12.0
-
cpe:2.3:a:codesys:control_for_iot2000_sl:3.5.12.10
-
cpe:2.3:a:codesys:control_for_iot2000_sl:3.5.12.30
-
cpe:2.3:a:codesys:control_for_iot2000_sl:3.5.12.70
-
cpe:2.3:a:codesys:control_for_iot2000_sl:3.5.13.0
-
cpe:2.3:a:codesys:control_for_iot2000_sl:3.5.13.20
-
cpe:2.3:a:codesys:control_for_iot2000_sl:3.5.13.30
-
cpe:2.3:a:codesys:control_for_linux_sl:3.0
-
cpe:2.3:a:codesys:control_for_linux_sl:3.5.13.0
-
cpe:2.3:a:codesys:control_for_linux_sl:3.5.13.20
-
cpe:2.3:a:codesys:control_for_linux_sl:3.5.13.30
-
cpe:2.3:a:codesys:control_for_pfc100_sl:3.0
-
cpe:2.3:a:codesys:control_for_pfc100_sl:3.5.11.0
-
cpe:2.3:a:codesys:control_for_pfc100_sl:3.5.11.10
-
cpe:2.3:a:codesys:control_for_pfc100_sl:3.5.11.20
-
cpe:2.3:a:codesys:control_for_pfc100_sl:3.5.11.50
-
cpe:2.3:a:codesys:control_for_pfc100_sl:3.5.11.60
-
cpe:2.3:a:codesys:control_for_pfc100_sl:3.5.12.0
-
cpe:2.3:a:codesys:control_for_pfc100_sl:3.5.12.10
-
cpe:2.3:a:codesys:control_for_pfc100_sl:3.5.12.30
-
cpe:2.3:a:codesys:control_for_pfc100_sl:3.5.12.40
-
cpe:2.3:a:codesys:control_for_pfc100_sl:3.5.12.70
-
cpe:2.3:a:codesys:control_for_pfc100_sl:3.5.13.0
-
cpe:2.3:a:codesys:control_for_pfc100_sl:3.5.13.20
-
cpe:2.3:a:codesys:control_for_pfc100_sl:3.5.13.30
-
cpe:2.3:a:codesys:control_for_pfc200_sl:3.0
-
cpe:2.3:a:codesys:control_for_pfc200_sl:3.5.10.0
-
cpe:2.3:a:codesys:control_for_pfc200_sl:3.5.10.20
-
cpe:2.3:a:codesys:control_for_pfc200_sl:3.5.11.0
-
cpe:2.3:a:codesys:control_for_pfc200_sl:3.5.11.10
-
cpe:2.3:a:codesys:control_for_pfc200_sl:3.5.11.20
-
cpe:2.3:a:codesys:control_for_pfc200_sl:3.5.11.50
-
cpe:2.3:a:codesys:control_for_pfc200_sl:3.5.11.60
-
cpe:2.3:a:codesys:control_for_pfc200_sl:3.5.12.0
-
cpe:2.3:a:codesys:control_for_pfc200_sl:3.5.12.10
-
cpe:2.3:a:codesys:control_for_pfc200_sl:3.5.12.30
-
cpe:2.3:a:codesys:control_for_pfc200_sl:3.5.12.40
-
cpe:2.3:a:codesys:control_for_pfc200_sl:3.5.12.70
-
cpe:2.3:a:codesys:control_for_pfc200_sl:3.5.13.0
-
cpe:2.3:a:codesys:control_for_pfc200_sl:3.5.13.20
-
cpe:2.3:a:codesys:control_for_pfc200_sl:3.5.13.30
-
cpe:2.3:a:codesys:control_for_raspberry_pi_sl:3.0
-
cpe:2.3:a:codesys:control_for_raspberry_pi_sl:3.5.10.0
-
cpe:2.3:a:codesys:control_for_raspberry_pi_sl:3.5.10.20
-
cpe:2.3:a:codesys:control_for_raspberry_pi_sl:3.5.11.0
-
cpe:2.3:a:codesys:control_for_raspberry_pi_sl:3.5.11.10
-
cpe:2.3:a:codesys:control_for_raspberry_pi_sl:3.5.11.20
-
cpe:2.3:a:codesys:control_for_raspberry_pi_sl:3.5.11.50
-
cpe:2.3:a:codesys:control_for_raspberry_pi_sl:3.5.11.60
-
cpe:2.3:a:codesys:control_for_raspberry_pi_sl:3.5.12.0
-
cpe:2.3:a:codesys:control_for_raspberry_pi_sl:3.5.12.10
-
cpe:2.3:a:codesys:control_for_raspberry_pi_sl:3.5.12.30
-
cpe:2.3:a:codesys:control_for_raspberry_pi_sl:3.5.12.70
-
cpe:2.3:a:codesys:control_for_raspberry_pi_sl:3.5.13.0
-
cpe:2.3:a:codesys:control_for_raspberry_pi_sl:3.5.13.20
-
cpe:2.3:a:codesys:control_for_raspberry_pi_sl:3.5.13.30
-
cpe:2.3:a:codesys:control_rte_sl:3.0
-
cpe:2.3:a:codesys:control_rte_sl:3.5.10.0
-
cpe:2.3:a:codesys:control_rte_sl:3.5.10.10
-
cpe:2.3:a:codesys:control_rte_sl:3.5.10.20
-
cpe:2.3:a:codesys:control_rte_sl:3.5.10.40
-
cpe:2.3:a:codesys:control_rte_sl:3.5.10.50
-
cpe:2.3:a:codesys:control_rte_sl:3.5.10.60
-
cpe:2.3:a:codesys:control_rte_sl:3.5.10.95
-
cpe:2.3:a:codesys:control_rte_sl:3.5.11.0
-
cpe:2.3:a:codesys:control_rte_sl:3.5.11.10
-
cpe:2.3:a:codesys:control_rte_sl:3.5.11.20
-
cpe:2.3:a:codesys:control_rte_sl:3.5.11.30
-
cpe:2.3:a:codesys:control_rte_sl:3.5.11.40
-
cpe:2.3:a:codesys:control_rte_sl:3.5.11.42
-
cpe:2.3:a:codesys:control_rte_sl:3.5.11.50
-
cpe:2.3:a:codesys:control_rte_sl:3.5.11.60
-
cpe:2.3:a:codesys:control_rte_sl:3.5.12.0
-
cpe:2.3:a:codesys:control_rte_sl:3.5.12.10
-
cpe:2.3:a:codesys:control_rte_sl:3.5.12.20
-
cpe:2.3:a:codesys:control_rte_sl:3.5.12.30
-
cpe:2.3:a:codesys:control_rte_sl:3.5.12.50
-
cpe:2.3:a:codesys:control_rte_sl:3.5.12.60
-
cpe:2.3:a:codesys:control_rte_sl:3.5.12.70
-
cpe:2.3:a:codesys:control_rte_sl:3.5.13.0
-
cpe:2.3:a:codesys:control_rte_sl:3.5.13.10
-
cpe:2.3:a:codesys:control_rte_sl:3.5.13.20
-
cpe:2.3:a:codesys:control_rte_sl:3.5.13.30
-
cpe:2.3:a:codesys:control_rte_sl:3.5.13.40
-
cpe:2.3:a:codesys:control_rte_sl:3.5.8.60
-
cpe:2.3:a:codesys:control_rte_sl:3.5.9.40
-
cpe:2.3:a:codesys:control_rte_sl:3.5.9.50
-
cpe:2.3:a:codesys:control_rte_sl:3.5.9.60
-
cpe:2.3:a:codesys:control_rte_sl:3.5.9.70
-
cpe:2.3:a:codesys:control_rte_sl_(for_beckhoff_cx):3.0
-
cpe:2.3:a:codesys:control_rte_sl_(for_beckhoff_cx):3.5.10.0
-
cpe:2.3:a:codesys:control_rte_sl_(for_beckhoff_cx):3.5.10.10
-
cpe:2.3:a:codesys:control_rte_sl_(for_beckhoff_cx):3.5.10.20
-
cpe:2.3:a:codesys:control_rte_sl_(for_beckhoff_cx):3.5.10.40
-
cpe:2.3:a:codesys:control_rte_sl_(for_beckhoff_cx):3.5.10.50
-
cpe:2.3:a:codesys:control_rte_sl_(for_beckhoff_cx):3.5.10.60
-
cpe:2.3:a:codesys:control_rte_sl_(for_beckhoff_cx):3.5.10.95
-
cpe:2.3:a:codesys:control_rte_sl_(for_beckhoff_cx):3.5.11.0
-
cpe:2.3:a:codesys:control_rte_sl_(for_beckhoff_cx):3.5.11.10
-
cpe:2.3:a:codesys:control_rte_sl_(for_beckhoff_cx):3.5.11.20
-
cpe:2.3:a:codesys:control_rte_sl_(for_beckhoff_cx):3.5.11.30
-
cpe:2.3:a:codesys:control_rte_sl_(for_beckhoff_cx):3.5.11.40
-
cpe:2.3:a:codesys:control_rte_sl_(for_beckhoff_cx):3.5.11.50
-
cpe:2.3:a:codesys:control_rte_sl_(for_beckhoff_cx):3.5.11.60
-
cpe:2.3:a:codesys:control_rte_sl_(for_beckhoff_cx):3.5.12.0
-
cpe:2.3:a:codesys:control_rte_sl_(for_beckhoff_cx):3.5.12.10
-
cpe:2.3:a:codesys:control_rte_sl_(for_beckhoff_cx):3.5.12.20
-
cpe:2.3:a:codesys:control_rte_sl_(for_beckhoff_cx):3.5.12.30
-
cpe:2.3:a:codesys:control_rte_sl_(for_beckhoff_cx):3.5.12.40
-
cpe:2.3:a:codesys:control_rte_sl_(for_beckhoff_cx):3.5.12.50
-
cpe:2.3:a:codesys:control_rte_sl_(for_beckhoff_cx):3.5.12.60
-
cpe:2.3:a:codesys:control_rte_sl_(for_beckhoff_cx):3.5.12.70
-
cpe:2.3:a:codesys:control_rte_sl_(for_beckhoff_cx):3.5.13.0
-
cpe:2.3:a:codesys:control_rte_sl_(for_beckhoff_cx):3.5.13.10
-
cpe:2.3:a:codesys:control_rte_sl_(for_beckhoff_cx):3.5.13.20
-
cpe:2.3:a:codesys:control_rte_sl_(for_beckhoff_cx):3.5.13.30
-
cpe:2.3:a:codesys:control_rte_sl_(for_beckhoff_cx):3.5.8.60
-
cpe:2.3:a:codesys:control_rte_sl_(for_beckhoff_cx):3.5.9.40
-
cpe:2.3:a:codesys:control_rte_sl_(for_beckhoff_cx):3.5.9.50
-
cpe:2.3:a:codesys:control_rte_sl_(for_beckhoff_cx):3.5.9.60
-
cpe:2.3:a:codesys:control_rte_sl_(for_beckhoff_cx):3.5.9.70
-
cpe:2.3:a:codesys:control_runtime_toolkit:3.0
-
cpe:2.3:a:codesys:control_win_sl:3.0
-
cpe:2.3:a:codesys:control_win_sl:3.5.10.0
-
cpe:2.3:a:codesys:control_win_sl:3.5.10.10
-
cpe:2.3:a:codesys:control_win_sl:3.5.10.20
-
cpe:2.3:a:codesys:control_win_sl:3.5.10.30
-
cpe:2.3:a:codesys:control_win_sl:3.5.10.40
-
cpe:2.3:a:codesys:control_win_sl:3.5.10.50
-
cpe:2.3:a:codesys:control_win_sl:3.5.10.60
-
cpe:2.3:a:codesys:control_win_sl:3.5.10.70
-
cpe:2.3:a:codesys:control_win_sl:3.5.11.0
-
cpe:2.3:a:codesys:control_win_sl:3.5.11.10
-
cpe:2.3:a:codesys:control_win_sl:3.5.11.20
-
cpe:2.3:a:codesys:control_win_sl:3.5.11.30
-
cpe:2.3:a:codesys:control_win_sl:3.5.11.40
-
cpe:2.3:a:codesys:control_win_sl:3.5.11.50
-
cpe:2.3:a:codesys:control_win_sl:3.5.11.60
-
cpe:2.3:a:codesys:control_win_sl:3.5.12.0
-
cpe:2.3:a:codesys:control_win_sl:3.5.12.10
-
cpe:2.3:a:codesys:control_win_sl:3.5.12.20
-
cpe:2.3:a:codesys:control_win_sl:3.5.12.30
-
cpe:2.3:a:codesys:control_win_sl:3.5.12.40
-
cpe:2.3:a:codesys:control_win_sl:3.5.12.50
-
cpe:2.3:a:codesys:control_win_sl:3.5.12.60
-
cpe:2.3:a:codesys:control_win_sl:3.5.12.70
-
cpe:2.3:a:codesys:control_win_sl:3.5.13.0
-
cpe:2.3:a:codesys:control_win_sl:3.5.13.10
-
cpe:2.3:a:codesys:control_win_sl:3.5.13.20
-
cpe:2.3:a:codesys:control_win_sl:3.5.13.30
-
cpe:2.3:a:codesys:control_win_sl:3.5.13.40
-
cpe:2.3:a:codesys:control_win_sl:3.5.9.80
-
cpe:2.3:a:codesys:development_system:3.0
-
cpe:2.3:a:codesys:development_system:3.5.10.0
-
cpe:2.3:a:codesys:development_system:3.5.10.10
-
cpe:2.3:a:codesys:development_system:3.5.10.20
-
cpe:2.3:a:codesys:development_system:3.5.10.30
-
cpe:2.3:a:codesys:development_system:3.5.10.40
-
cpe:2.3:a:codesys:development_system:3.5.10.50
-
cpe:2.3:a:codesys:development_system:3.5.10.60
-
cpe:2.3:a:codesys:development_system:3.5.10.70
-
cpe:2.3:a:codesys:development_system:3.5.11.0
-
cpe:2.3:a:codesys:development_system:3.5.11.10
-
cpe:2.3:a:codesys:development_system:3.5.11.20
-
cpe:2.3:a:codesys:development_system:3.5.11.30
-
cpe:2.3:a:codesys:development_system:3.5.11.40
-
cpe:2.3:a:codesys:development_system:3.5.11.50
-
cpe:2.3:a:codesys:development_system:3.5.11.60
-
cpe:2.3:a:codesys:development_system:3.5.12.0
-
cpe:2.3:a:codesys:development_system:3.5.12.10
-
cpe:2.3:a:codesys:development_system:3.5.12.20
-
cpe:2.3:a:codesys:development_system:3.5.12.30
-
cpe:2.3:a:codesys:development_system:3.5.12.40
-
cpe:2.3:a:codesys:development_system:3.5.12.50
-
cpe:2.3:a:codesys:development_system:3.5.12.60
-
cpe:2.3:a:codesys:development_system:3.5.12.70
-
cpe:2.3:a:codesys:development_system:3.5.13.0
-
cpe:2.3:a:codesys:development_system:3.5.13.10
-
cpe:2.3:a:codesys:development_system:3.5.13.20
-
cpe:2.3:a:codesys:development_system:3.5.13.30
-
cpe:2.3:a:codesys:development_system:3.5.13.40
-
cpe:2.3:a:codesys:development_system:3.5.9.0
-
cpe:2.3:a:codesys:development_system:3.5.9.40
-
cpe:2.3:a:codesys:development_system:3.5.9.50
-
cpe:2.3:a:codesys:development_system:3.5.9.60
-
cpe:2.3:a:codesys:development_system:3.5.9.70
-
cpe:2.3:a:codesys:development_system:3.5.9.80
-
cpe:2.3:a:codesys:gateway:3.0
-
cpe:2.3:a:codesys:gateway:3.5.8.60
-
cpe:2.3:a:codesys:hmi_sl:3.0
-
cpe:2.3:a:codesys:hmi_sl:3.5.10.0
-
cpe:2.3:a:codesys:hmi_sl:3.5.10.10
-
cpe:2.3:a:codesys:hmi_sl:3.5.10.20
-
cpe:2.3:a:codesys:hmi_sl:3.5.10.30
-
cpe:2.3:a:codesys:hmi_sl:3.5.10.40
-
cpe:2.3:a:codesys:hmi_sl:3.5.10.50
-
cpe:2.3:a:codesys:hmi_sl:3.5.10.60
-
cpe:2.3:a:codesys:hmi_sl:3.5.10.70
-
cpe:2.3:a:codesys:hmi_sl:3.5.11.0
-
cpe:2.3:a:codesys:hmi_sl:3.5.11.10
-
cpe:2.3:a:codesys:hmi_sl:3.5.11.20
-
cpe:2.3:a:codesys:hmi_sl:3.5.11.30
-
cpe:2.3:a:codesys:hmi_sl:3.5.11.40
-
cpe:2.3:a:codesys:hmi_sl:3.5.11.50
-
cpe:2.3:a:codesys:hmi_sl:3.5.11.60
-
cpe:2.3:a:codesys:hmi_sl:3.5.12.0
-
cpe:2.3:a:codesys:hmi_sl:3.5.12.10
-
cpe:2.3:a:codesys:hmi_sl:3.5.12.20
-
cpe:2.3:a:codesys:hmi_sl:3.5.12.30
-
cpe:2.3:a:codesys:hmi_sl:3.5.12.40
-
cpe:2.3:a:codesys:hmi_sl:3.5.12.50
-
cpe:2.3:a:codesys:hmi_sl:3.5.12.70
-
cpe:2.3:a:codesys:hmi_sl:3.5.13.0
-
cpe:2.3:a:codesys:hmi_sl:3.5.13.10
-
cpe:2.3:a:codesys:hmi_sl:3.5.13.20
-
cpe:2.3:a:codesys:hmi_sl:3.5.13.30
-
cpe:2.3:a:codesys:safety_sil2:3.0