CVE-2023-3663: 
CODESYS Development System vulnerability analysis and mitigation

A missing integrity check vulnerability was discovered in CODESYS Development System versions from 3.5.11.0 to 3.5.19.20. The vulnerability, tracked as CVE-2023-3663, was discovered by Sina Kheirkhah of Summoning Team working with Trend Micro Zero Day Initiative and coordinated by CERT@VDE (VDE Advisory, CISA Advisory).

The vulnerability exists in the Notification Center of the CODESYS Development System, where messages are received without proper verification of message integrity during transmission. The issue specifically involves the LearnMoreAction function, which lacks necessary integrity checks on notification data. The vulnerability has been assigned a CVSS v3.1 base score of 8.8 HIGH with vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (ZDI Advisory, VDE Advisory).

Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to manipulate the content of notifications received via HTTP by the CODESYS notification server. This could potentially lead to arbitrary code execution in the context of the current user when the user clicks the 'Learn More' button (CISA Advisory, ZDI Advisory).

Users are recommended to update the CODESYS Development System to version 3.5.19.20. The update can be downloaded and installed directly with the CODESYS Installer or from the CODESYS Store. CISA recommends minimizing network exposure for all control system devices, ensuring they are not accessible from the Internet, and locating control system networks behind firewalls isolated from business networks (CISA Advisory, VDE Advisory).