CVE-2020-12068: An issue was discovered in CODESYS Development System before 3.5.16.0. CODESYS WebVisu and CODESYS Remote TargetVisu are susceptible to privilege escalation.

medium6.5CVSS 3.1

AVNACLPRNUINSUCLILAN

An issue was discovered in CODESYS Development System before 3.5.16.0. CODESYS WebVisu and CODESYS Remote TargetVisu are susceptible to privilege escalation.

Affected

12 ranges

Vendor	Product	Version range	Fixed in
codesys	control_for_beaglebone	< 3.5.16.0	3.5.16.0
codesys	control_for_empc-a_imx6	< 3.5.16.0	3.5.16.0
codesys	control_for_iot2000	< 3.5.16.0	3.5.16.0
codesys	control_for_pfc100	< 3.5.16.0	3.5.16.0
codesys	control_for_pfc200	< 3.5.16.0	3.5.16.0
codesys	control_for_plcnext	< 3.5.16.0	3.5.16.0
codesys	control_for_raspberry_pi	< 3.5.16.0	3.5.16.0
codesys	control_rte	>= 3.0 < 3.5.16.0	3.5.16.0
codesys	control_runtime_system_toolkit	>= 3.0 < 3.5.16.0	3.5.16.0
codesys	control_win	>= 3.0 < 3.5.16.0	3.5.16.0
codesys	development_system	< 3.5.16.0	3.5.16.0
codesys	hmi	>= 3.0 < 3.5.16.0	3.5.16.0