CVE-2018-20026 — Vulnetix

Try Vulnetix Request Demo

CVE-2018-20026 PUBLISHED CVSS 9.800000190734863 CRITICAL

3. TECHNICAL DETAILS The following versions of CODESYS in Festo Automation Suite are affected: FESTO Software Festo Automation Suite (versions prior to 2.8.0.138) installed with CODESYS Software CODESYS Development System (3.0) vers:all/* FESTO Software Festo Automation Suite (versions prior to 2.8.0.138) installed with CODESYS Software CODESYS Development System (3.5.16.10) vers:all/* FESTO Software Festo Automation Suite (2.8.0.137) installed with CODESYS Software CODESYS Development System (3.0) vers:all/* FESTO Software Festo Automation Suite (2.8.0.137) installed with CODESYS Software CODESYS Development System (3.5.16.10) vers:all/* CVSS Vendor Equipment Vulnerabilities v3 9.8 FESTO, CODESYS CODESYS in Festo Automation Suite Direct Request ('Forced Browsing'), Untrusted Search Path, Improper Restriction of Operations within the Bounds of a Memory Buffer, Uncontrolled Recursion, Improper Access Control, Use of Insufficiently Random Values, Improper Restriction of Communication Channel to Intended Endpoints, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), NULL Pointer Dereference, Stack-based Buffer Overflow, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Incorrect Permission Assignment for Critical Resource, Improper Handling of Exceptional Conditions, Exposure of Resource to Wrong Sphere, Allocation of Resources Without Limits or Throttling, Use of a Broken or Risky Cryptographic Algorithm, Out-of-bounds Write, Weak Password Recovery Mechanism for Forgotten Password, Improper Privilege Management, Use of Password Hash With Insufficient Computational Effort, Buffer Access with Incorrect Length Value, Improper Input Validation, Improper Verification of Cryptographic Signature, Inadequate Encryption Strength, Origin Validation Error, Missing Release of Memory after Effective Lifetime, Improper Resource Shutdown or Release, Deserialization of Untrusted Data, Path Equivalence: '//multiple/leading/slash', Insufficient Verification of Data Authenticity, Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'), Missing Authentication for Critical Function, Out-of-bounds Read, Failure to Sanitize Special Elements into a Different Plane (Special Element Injection), Use of Out-of-range Pointer Offset, Improper Neutralization of Script in Attributes of IMG Tags in a Web Page, Files or Directories Accessible to External Parties, Untrusted Pointer Dereference, Path Traversal: '....' (Multiple Dot), ASP.NET Misconfiguration: Missing Custom Error Page, Uncontrolled Resource Consumption, Unprotected Transport of Credentials, Initialization of a Resource with an Insecure Default, Heap-based Buffer Overflow, Unexpected Sign Extension, Buffer Over-read, Uncontrolled Search Path Element, Improper Verification of Source of a Communication Channel, Improper Restriction of Excessive Authentication Attempts, Use After Free, ASP.NET Misconfiguration: Password in Configuration File, Improper Check for Unusual or Exceptional Conditions, Observable Discrepancy, Incorrect Default Permissions Background Critical Infrastructure Sectors: Critical Manufacturing Countries/Areas Deployed: Worldwide Company Headquarters Location: Germany

EPSS 0.92% · 75.8th percentile

Risk Scores

CVSS v3.1

9.800000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

EPSS Score

0.92%

75.8th percentile

Timeline

Dec 18, 2018 CVE Published
Apr 14, 2021 EPSS Score
Jun 22, 2021 EPSS Score
Aug 23, 2021 EPSS Score
Dec 25, 2021 EPSS Score
Feb 25, 2022 EPSS Score
Apr 28, 2022 EPSS Score
Jun 29, 2022 EPSS Score
Aug 31, 2022 EPSS Score
Nov 1, 2022 EPSS Score
Mar 5, 2023 EPSS Score
May 6, 2023 EPSS Score

References

https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-01 advisory
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-076-01.json advisory
https://www.cve.org/CVERecord?id=CVE-2025-2595 technical
https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json technical
https://certvde.com/en/advisories/VDE-2025-108 technical
https://cwe.mitre.org/data/definitions/425.html technical
https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N technical
https://www.cve.org/CVERecord?id=CVE-2010-5250 technical
https://cwe.mitre.org/data/definitions/426.html technical
https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H technical
https://www.cve.org/CVERecord?id=CVE-2017-3735 technical
https://cwe.mitre.org/data/definitions/119.html technical
https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N technical
https://www.cve.org/CVERecord?id=CVE-2018-0739 technical
https://cwe.mitre.org/data/definitions/674.html technical
https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H technical
https://www.cve.org/CVERecord?id=CVE-2018-10612 technical
https://cwe.mitre.org/data/definitions/284.html technical
https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H technical
https://www.cve.org/CVERecord?id=CVE-2018-20025 technical

…and 200 more

Open in Interactive Console →