CVE Catalog
CVE-2023-3669
LowCVSS 3.3Exploitation Probability (EPSS)
Low risk0.14%
4th percentile — higher than 4% of all known CVEs
Summary
A missing Brute-Force protection in CODESYS Development System prior to version 3.5.19.20 allows a local attacker to have unlimited attempts of guessing the password within an import dialog.
Risk Assessment
The organization is at risk of unauthorized access to the system, which could lead to serious security breaches.
Recommendation
It is recommended to update the CODESYS Development System to version 3.5.19.20 or later to implement proper protection against Brute-Force attacks.
Original NVD description (English source)
A missing Brute-Force protection in CODESYS Development System prior to 3.5.19.20 allows a local attacker to have unlimited attempts of guessing the password within an import dialog.

