The CoDeSys Runtime Toolkit’s file transfer functionality does not
perform input validation, which allows an attacker to access files and
directories outside the intended scope. This may allow an attacker to
upload and download any file on the device. This could allow the
attacker to affect the availability, integrity, and confidentiality of
the device.
Credits
Independent researcher Reid Wightman of IOActive, formerly of Digital Bond has validated that the patch, issued by 3S, mitigates theses vulnerabilities.
