CVE-2018-25112 | THREATINT

Description

An unauthenticated remote attacker may use an uncontrolled resource consumption in the IEC 61131 program of the affected products by creating large amounts of network traffic that needs to be handled by the ILC. This results in a Denial-of-Service of the device.

PUBLISHED Reserved 2025-06-04 | Published 2025-06-04 | Updated 2025-06-04 | Assigner CERTVDE

HIGH: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Problem types

CWE-770 Allocation of Resources Without Limits or Throttling

Product status

Default status

unaffected

vers:all/*

affected

Default status

unaffected

vers:all/*

affected

Default status

unaffected

vers:all/*

affected

Default status

unaffected

vers:all/*

affected

Credits

Matthias Niedermaier (Hochschule Augsburg) reporter

Jan-Ole Malchow (Freie Universität Berlin) reporter

Florian Fischer (Hochschule Augsburg) reporter

References

certvde.com/en/advisories/VDE-2018-012/ vendor-advisory

cve.org (CVE-2018-25112)

nvd.nist.gov (CVE-2018-25112)

Download JSON

help @ threatint.eu