CVE-2018-20025

7.5HIGH

Key Information:

Vendor: Kaspersky
Status: Codesys V3 Products
Vendor: CVE Published:; 19 February 2019

Summary

Use of Insufficiently Random Values exists in CODESYS V3 products versions prior V3.5.14.0.

Affected Version(s)

CODESYS V3 products prior V3.5.14.0

References

http://www.securityfocus.com/bid/106251

vdb-entryx_refsource_BID

https://ics-cert.kaspersky.com/advisories/klcert-advisori...

x_refsource_MISC

https://ics-cert.us-cert.gov/advisories/ICSA-18-352-04

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 19, 2019
Vulnerability Reserved
Dec 10, 2018

.