CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-25048

The CODESYS runtime system in multiple versions allows an remote low privileged attacker to use a path traversal vulnerability to access and modify all system files as well as DoS the device.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 63.0%

CVSS Severity

CVSS v3 Score 8.8

References

Products affected by CVE-2018-25048

Codesys » Control For Beaglebone » Version: 3.0.0.0

cpe:2.3:a:codesys:control_for_beaglebone:3.0.0.0
Codesys » Control For Beaglebone » Version: 3.5.10.0

cpe:2.3:a:codesys:control_for_beaglebone:3.5.10.0
Codesys » Control For Beaglebone » Version: 3.5.10.20

cpe:2.3:a:codesys:control_for_beaglebone:3.5.10.20
Codesys » Control For Beaglebone » Version: 3.5.10.30

cpe:2.3:a:codesys:control_for_beaglebone:3.5.10.30
Codesys » Control For Beaglebone » Version: 3.5.11.0

cpe:2.3:a:codesys:control_for_beaglebone:3.5.11.0
Codesys » Control For Beaglebone » Version: 3.5.11.10

cpe:2.3:a:codesys:control_for_beaglebone:3.5.11.10
Codesys » Control For Beaglebone » Version: 3.5.11.20

cpe:2.3:a:codesys:control_for_beaglebone:3.5.11.20
Codesys » Control For Beaglebone » Version: 3.5.11.50

cpe:2.3:a:codesys:control_for_beaglebone:3.5.11.50
Codesys » Control For Beaglebone » Version: 3.5.11.60

cpe:2.3:a:codesys:control_for_beaglebone:3.5.11.60
Codesys » Control For Beaglebone » Version: 3.5.12.0

cpe:2.3:a:codesys:control_for_beaglebone:3.5.12.0
Codesys » Control For Beaglebone » Version: 3.5.12.10

cpe:2.3:a:codesys:control_for_beaglebone:3.5.12.10
Codesys » Control For Empc-A/imx6 » Version: 3.0.0.0

cpe:2.3:a:codesys:control_for_empc-a/imx6:3.0.0.0
Codesys » Control For Empc-A/imx6 » Version: 3.5.10.0

cpe:2.3:a:codesys:control_for_empc-a/imx6:3.5.10.0
Codesys » Control For Empc-A/imx6 » Version: 3.5.10.20

cpe:2.3:a:codesys:control_for_empc-a/imx6:3.5.10.20
Codesys » Control For Empc-A/imx6 » Version: 3.5.11.0

cpe:2.3:a:codesys:control_for_empc-a/imx6:3.5.11.0
Codesys » Control For Empc-A/imx6 » Version: 3.5.11.10

cpe:2.3:a:codesys:control_for_empc-a/imx6:3.5.11.10
Codesys » Control For Empc-A/imx6 » Version: 3.5.11.20

cpe:2.3:a:codesys:control_for_empc-a/imx6:3.5.11.20
Codesys » Control For Empc-A/imx6 » Version: 3.5.11.50

cpe:2.3:a:codesys:control_for_empc-a/imx6:3.5.11.50
Codesys » Control For Empc-A/imx6 » Version: 3.5.11.60

cpe:2.3:a:codesys:control_for_empc-a/imx6:3.5.11.60
Codesys » Control For Empc-A/imx6 » Version: 3.5.12.0

cpe:2.3:a:codesys:control_for_empc-a/imx6:3.5.12.0
Codesys » Control For Empc-A/imx6 » Version: 3.5.12.10

cpe:2.3:a:codesys:control_for_empc-a/imx6:3.5.12.10
Codesys » Control For Iot2000 » Version: 3.0.0.0

cpe:2.3:a:codesys:control_for_iot2000:3.0.0.0
Codesys » Control For Iot2000 » Version: 3.5.11.0

cpe:2.3:a:codesys:control_for_iot2000:3.5.11.0
Codesys » Control For Iot2000 » Version: 3.5.11.10

cpe:2.3:a:codesys:control_for_iot2000:3.5.11.10
Codesys » Control For Iot2000 » Version: 3.5.11.20

cpe:2.3:a:codesys:control_for_iot2000:3.5.11.20
Codesys » Control For Iot2000 » Version: 3.5.11.50

cpe:2.3:a:codesys:control_for_iot2000:3.5.11.50
Codesys » Control For Iot2000 » Version: 3.5.11.60

cpe:2.3:a:codesys:control_for_iot2000:3.5.11.60
Codesys » Control For Iot2000 » Version: 3.5.12.0

cpe:2.3:a:codesys:control_for_iot2000:3.5.12.0
Codesys » Control For Iot2000 » Version: 3.5.12.10

cpe:2.3:a:codesys:control_for_iot2000:3.5.12.10
Codesys » Control For Pfc100 » Version: 3.0.0.0

cpe:2.3:a:codesys:control_for_pfc100:3.0.0.0
Codesys » Control For Pfc100 » Version: 3.5.11.0

cpe:2.3:a:codesys:control_for_pfc100:3.5.11.0
Codesys » Control For Pfc100 » Version: 3.5.11.10

cpe:2.3:a:codesys:control_for_pfc100:3.5.11.10
Codesys » Control For Pfc100 » Version: 3.5.11.20

cpe:2.3:a:codesys:control_for_pfc100:3.5.11.20
Codesys » Control For Pfc100 » Version: 3.5.11.50

cpe:2.3:a:codesys:control_for_pfc100:3.5.11.50
Codesys » Control For Pfc100 » Version: 3.5.11.60

cpe:2.3:a:codesys:control_for_pfc100:3.5.11.60
Codesys » Control For Pfc100 » Version: 3.5.12.0

cpe:2.3:a:codesys:control_for_pfc100:3.5.12.0
Codesys » Control For Pfc100 » Version: 3.5.12.10

cpe:2.3:a:codesys:control_for_pfc100:3.5.12.10
Codesys » Control For Pfc200 » Version: 3.0.0.0

cpe:2.3:a:codesys:control_for_pfc200:3.0.0.0
Codesys » Control For Pfc200 » Version: 3.5.10.0

cpe:2.3:a:codesys:control_for_pfc200:3.5.10.0
Codesys » Control For Pfc200 » Version: 3.5.10.20

cpe:2.3:a:codesys:control_for_pfc200:3.5.10.20
Codesys » Control For Pfc200 » Version: 3.5.11.0

cpe:2.3:a:codesys:control_for_pfc200:3.5.11.0
Codesys » Control For Pfc200 » Version: 3.5.11.10

cpe:2.3:a:codesys:control_for_pfc200:3.5.11.10
Codesys » Control For Pfc200 » Version: 3.5.11.20

cpe:2.3:a:codesys:control_for_pfc200:3.5.11.20
Codesys » Control For Pfc200 » Version: 3.5.11.50

cpe:2.3:a:codesys:control_for_pfc200:3.5.11.50
Codesys » Control For Pfc200 » Version: 3.5.11.60

cpe:2.3:a:codesys:control_for_pfc200:3.5.11.60
Codesys » Control For Pfc200 » Version: 3.5.12.0

cpe:2.3:a:codesys:control_for_pfc200:3.5.12.0
Codesys » Control For Pfc200 » Version: 3.5.12.10

cpe:2.3:a:codesys:control_for_pfc200:3.5.12.10
Codesys » Control For Raspberry Pi » Version: 3.0.0.0

cpe:2.3:a:codesys:control_for_raspberry_pi:3.0.0.0
Codesys » Control For Raspberry Pi » Version: 3.5.10.0

cpe:2.3:a:codesys:control_for_raspberry_pi:3.5.10.0
Codesys » Control For Raspberry Pi » Version: 3.5.10.20

cpe:2.3:a:codesys:control_for_raspberry_pi:3.5.10.20
Codesys » Control For Raspberry Pi » Version: 3.5.11.0

cpe:2.3:a:codesys:control_for_raspberry_pi:3.5.11.0
Codesys » Control For Raspberry Pi » Version: 3.5.11.10

cpe:2.3:a:codesys:control_for_raspberry_pi:3.5.11.10
Codesys » Control For Raspberry Pi » Version: 3.5.11.20

cpe:2.3:a:codesys:control_for_raspberry_pi:3.5.11.20
Codesys » Control For Raspberry Pi » Version: 3.5.11.50

cpe:2.3:a:codesys:control_for_raspberry_pi:3.5.11.50
Codesys » Control For Raspberry Pi » Version: 3.5.11.60

cpe:2.3:a:codesys:control_for_raspberry_pi:3.5.11.60
Codesys » Control For Raspberry Pi » Version: 3.5.12.0

cpe:2.3:a:codesys:control_for_raspberry_pi:3.5.12.0
Codesys » Control For Raspberry Pi » Version: 3.5.12.10

cpe:2.3:a:codesys:control_for_raspberry_pi:3.5.12.10
Codesys » Control Rte » Version: 3.0.0.0

cpe:2.3:a:codesys:control_rte:3.0.0.0
Codesys » Control Rte » Version: 3.5.10.0

cpe:2.3:a:codesys:control_rte:3.5.10.0
Codesys » Control Rte » Version: 3.5.10.10

cpe:2.3:a:codesys:control_rte:3.5.10.10
Codesys » Control Rte » Version: 3.5.10.20

cpe:2.3:a:codesys:control_rte:3.5.10.20
Codesys » Control Rte » Version: 3.5.10.40

cpe:2.3:a:codesys:control_rte:3.5.10.40
Codesys » Control Rte » Version: 3.5.10.50

cpe:2.3:a:codesys:control_rte:3.5.10.50
Codesys » Control Rte » Version: 3.5.10.60

cpe:2.3:a:codesys:control_rte:3.5.10.60
Codesys » Control Rte » Version: 3.5.10.95

cpe:2.3:a:codesys:control_rte:3.5.10.95
Codesys » Control Rte » Version: 3.5.11.0

cpe:2.3:a:codesys:control_rte:3.5.11.0
Codesys » Control Rte » Version: 3.5.11.10

cpe:2.3:a:codesys:control_rte:3.5.11.10
Codesys » Control Rte » Version: 3.5.11.20

cpe:2.3:a:codesys:control_rte:3.5.11.20
Codesys » Control Rte » Version: 3.5.11.30

cpe:2.3:a:codesys:control_rte:3.5.11.30
Codesys » Control Rte » Version: 3.5.11.40

cpe:2.3:a:codesys:control_rte:3.5.11.40
Codesys » Control Rte » Version: 3.5.11.42

cpe:2.3:a:codesys:control_rte:3.5.11.42
Codesys » Control Rte » Version: 3.5.11.50

cpe:2.3:a:codesys:control_rte:3.5.11.50
Codesys » Control Rte » Version: 3.5.11.60

cpe:2.3:a:codesys:control_rte:3.5.11.60
Codesys » Control Rte » Version: 3.5.12.0

cpe:2.3:a:codesys:control_rte:3.5.12.0
Codesys » Control Rte » Version: 3.5.12.1

cpe:2.3:a:codesys:control_rte:3.5.12.1
Codesys » Control Rte » Version: 3.5.12.10

cpe:2.3:a:codesys:control_rte:3.5.12.10
Codesys » Control Rte » Version: 3.5.12.20

cpe:2.3:a:codesys:control_rte:3.5.12.20
Codesys » Control Rte » Version: 3.5.8.60

cpe:2.3:a:codesys:control_rte:3.5.8.60
Codesys » Control Rte » Version: 3.5.9.40

cpe:2.3:a:codesys:control_rte:3.5.9.40
Codesys » Control Rte » Version: 3.5.9.50

cpe:2.3:a:codesys:control_rte:3.5.9.50
Codesys » Control Rte » Version: 3.5.9.60

cpe:2.3:a:codesys:control_rte:3.5.9.60
Codesys » Control Rte » Version: 3.5.9.70

cpe:2.3:a:codesys:control_rte:3.5.9.70
Codesys » Control V3 Runtime System Toolkit » Version: 3.0.0.0

cpe:2.3:a:codesys:control_v3_runtime_system_toolkit:3.0.0.0
Codesys » Control Win » Version: 3.0.0.0

cpe:2.3:a:codesys:control_win:3.0.0.0
Codesys » Control Win » Version: 3.5.9.80

cpe:2.3:a:codesys:control_win:3.5.9.80
Codesys » Embedded Target Visu Toolkit » Version: 3.0

cpe:2.3:a:codesys:embedded_target_visu_toolkit:3.0
Codesys » Hmi » Version: 3.0

cpe:2.3:a:codesys:hmi:3.0
Codesys » Hmi » Version: 3.5.10.0

cpe:2.3:a:codesys:hmi:3.5.10.0
Codesys » Hmi » Version: 3.5.10.10

cpe:2.3:a:codesys:hmi:3.5.10.10
Codesys » Hmi » Version: 3.5.10.20

cpe:2.3:a:codesys:hmi:3.5.10.20
Codesys » Hmi » Version: 3.5.10.30

cpe:2.3:a:codesys:hmi:3.5.10.30
Codesys » Hmi » Version: 3.5.10.30.

cpe:2.3:a:codesys:hmi:3.5.10.30.
Codesys » Hmi » Version: 3.5.10.40

cpe:2.3:a:codesys:hmi:3.5.10.40
Codesys » Hmi » Version: 3.5.10.50

cpe:2.3:a:codesys:hmi:3.5.10.50
Codesys » Hmi » Version: 3.5.10.60

cpe:2.3:a:codesys:hmi:3.5.10.60
Codesys » Hmi » Version: 3.5.10.70

cpe:2.3:a:codesys:hmi:3.5.10.70
Codesys » Hmi » Version: 3.5.11.0

cpe:2.3:a:codesys:hmi:3.5.11.0
Codesys » Hmi » Version: 3.5.11.10

cpe:2.3:a:codesys:hmi:3.5.11.10
Codesys » Hmi » Version: 3.5.11.20

cpe:2.3:a:codesys:hmi:3.5.11.20
Codesys » Hmi » Version: 3.5.11.30

cpe:2.3:a:codesys:hmi:3.5.11.30
Codesys » Hmi » Version: 3.5.11.40

cpe:2.3:a:codesys:hmi:3.5.11.40
Codesys » Hmi » Version: 3.5.11.50

cpe:2.3:a:codesys:hmi:3.5.11.50
Codesys » Hmi » Version: 3.5.11.60

cpe:2.3:a:codesys:hmi:3.5.11.60
Codesys » Hmi » Version: 3.5.12.0

cpe:2.3:a:codesys:hmi:3.5.12.0
Codesys » Hmi » Version: 3.5.12.10

cpe:2.3:a:codesys:hmi:3.5.12.10
Codesys » Hmi » Version: 3.5.12.20

cpe:2.3:a:codesys:hmi:3.5.12.20
Codesys » Remote Target Visu Toolkit » Version: 3.0

cpe:2.3:a:codesys:remote_target_visu_toolkit:3.0
Codesys » Runtime Plcwinnt » Version: 2.0.0.0

cpe:2.3:a:codesys:runtime_plcwinnt:2.0.0.0
Codesys » Runtime System Toolkit » Version: 2.0.0.0

cpe:2.3:a:codesys:runtime_system_toolkit:2.0.0.0
Codesys » Runtime System Toolkit » Version: 3.5.15.0

cpe:2.3:a:codesys:runtime_system_toolkit:3.5.15.0
Codesys » Simulation Runtime » Version: 3.0.0.0

cpe:2.3:a:codesys:simulation_runtime:3.0.0.0
Codesys » Simulation Runtime » Version: 3.5.11.60

cpe:2.3:a:codesys:simulation_runtime:3.5.11.60
Codesys » Simulation Runtime » Version: 3.5.12.0

cpe:2.3:a:codesys:simulation_runtime:3.5.12.0
Codesys » Simulation Runtime » Version: 3.5.12.10

cpe:2.3:a:codesys:simulation_runtime:3.5.12.10
Codesys » Simulation Runtime » Version: 3.5.9.40

cpe:2.3:a:codesys:simulation_runtime:3.5.9.40

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-25048

Products

Pricing

Contact Us