VDB
CVE-2023-37559
CVE-2023-37559
PUBLISHED
CVSS 6.5 MEDIUM
After successful authentication as a user in multiple CODESYS products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition.
EPSS 0.20% · 42.0th percentile
Risk Scores
CVSS 3.1
6.5
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.20%
42.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ABB | ACS6000 Firmware Version >=LAAAA 2.10.0|<=LAAAB 5.06.1 | |
| ABB | DCS880 memory unit incl. DCC | |
| ABB | ACS880 IGBT Supply Control Program YLHLX < v1.30 | |
| ABB | ACS880 Test Bench Control Program ATBLX <= v3.44.0.0 | |
| ABB | ACS880 Primary Control Program AINLX < v3.47 | |
| ABB | ACS5000 Firmware Version >=LAAAB 4.03.0|<= LAAAB 5.06.1 | |
| ABB | ACS880 IGBT Supply Control Program ALHLX < v3.43 | |
| ABB | DCS880 memory unit incl. ABB Drive Application Builder license (IEC 61131-3) | |
| ABB | ACS880 IGBT Supply Control Program YISLX < v1.30 | |
| ABB | ACS880 IGBT Supply Control Program AISLX < v3.43 | |
| ABB | DCS880 memory unit incl. DEMag | |
| ABB | DCT880 memory unit incl. ABB Drive Application Builder license (IEC 61131-3) | |
| ABB | DCT880 memory unit incl. Power Optimizer | |
| ABB | ACS880 Position Control Program APCLX <= v1.04.0.5 | |
| ABB | ACS6080 Firmware Version >=LAAAA 2.10.0|<=LAAAB 5.06.1 | |
| ABB | ACS880 Primary Control Program YINLX < v1.30 |
Timeline
- Aug 3, 2023 CVE Published
- Aug 4, 2023 EPSS Score
- Sep 7, 2023 EPSS Score
- Oct 11, 2023 EPSS Score
- Nov 13, 2023 EPSS Score
- Dec 17, 2023 EPSS Score
- Jan 20, 2024 EPSS Score
- Feb 23, 2024 EPSS Score
- Mar 28, 2024 EPSS Score
- Apr 30, 2024 EPSS Score
- Jun 3, 2024 EPSS Score
- Jul 7, 2024 EPSS Score
References
- https://psirt.abb.com/csaf/2025/9akk108470a9989.json advisory
- https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17764&token=4b2f3cf3a800d076b22f18d49f278bd8883dbd46&download= advisory
- https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17765&token=04e117e1408fdb8e02b4bc821aa3be819668aef4&download= advisory
- https://new.abb.com/drives/what-is-a-variable-speed-drive advisory
- https://new.abb.com/drives/medium-voltage-ac-drives/acs6080 advisory
- https://new.abb.com/drives/medium-voltage-ac-drives/acs5000 advisory
- https://search.abb.com/library/Download.aspx?DocumentID=9AKK108469A4323&LanguageCode=en&DocumentPartId=&Action=Launch advisory
- https://search.abb.com/library/Download.aspx?DocumentID=9AKK108470A9989&LanguageCode=en&DocumentPartId=pdf&Action=Launch advisory
- https://nvd.nist.gov/vuln/detail/CVE-2023-37559 advisory
- https://psirt.abb.com/csaf/2025/9akk108470a9494.json advisory
- https://search.abb.com/library/Download.aspx?DocumentID=9AKK108470A9494&LanguageCode=en&DocumentPartId=pdf&Action=Launch advisory
- https://psirt.abb.com/csaf/2025/9akk108470a9491.json advisory
- https://library.abb.com/d/3AXD50001000998 advisory
- https://library.abb.com/d/3AUA0000085967 advisory
- https://global.abb/group/en/media/resources/glossary advisory
- https://library.abb.com/d/3AXD50001019464 advisory
- https://search.abb.com/library/Download.aspx?DocumentID=9AKK108470A9491&LanguageCode=en&DocumentPartId=pdf&Action=Launch advisory