
CODESYS Development System - Deserialization of Untrusted Data

VDE-2025-101
Last update
12/01/2025 11:00
Published at
12/01/2025 11:00
Vendor(s)
CODESYS GmbH
External ID
Advisory2025-11_VDE-2025-101

Summary

A vulnerability has been discovered in the print engine of the CODESYS Development System. If a CODESYS project file or archive file is crafted in a specific way, the CODESYS Development System can execute arbitrary code when a user opens such a file and then configures the print/printer options or prints the project or parts of it. This arbitrary code is executed in the context of the user who was tricked into opening the project.

Impact

The CODESYS development system deserializes potentially untrusted data and thereby executes arbitrary code when a user opens and edits a deliberately manipulated CODESYS project file with a CODESYS development system. This arbitrary code is executed in the user context and can compromise system integrity, confidentiality, and availability.

Affected Product(s)

Model no. | Product name               | Affected versions
          | CODESYS Development System | < 3.5.21.40

Vulnerabilities


Published
12/01/2025 11:14
Weakness
Deserialization of Untrusted Data (CWE-502)
Summary

An unauthenticated attacker can trick a local user into executing arbitrary code by opening a deliberately manipulated CODESYS project file with a CODESYS development system. This arbitrary code is executed in the user context.

References

Mitigation

Open/install CODESYS archives, projects and packages from trustworthy sources only.

Remediation

Update the following products to version 3.5.21.40.
* CODESYS Development System

When existing CODESYS project files are opened with a fixed CODESYS Development System version, the option keys "PageSettings" and "PrinterSettings" are treated as obsolete and are reset. As a result, printer and page settings are lost and have to be reconfigured. Only these specific parts of "Project Options -> Page Setup" are dropped by the update; the configured Header, Footer, TitlePage and Document options are kept.
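The Summary and Impact sections describe the underlying defect (CWE-502: settings carried inside a project file are handed to a deserializer that can run code), and the paragraph above describes the fix's observable behaviour: the two option keys are reset, the four others are kept. The following is an added example, not CODESYS code, that shows the defensive shape of such a loader in Python: the page-setup block is read with a data-only parser (JSON is assumed here purely as a stand-in for the real, opaque project format), every key is checked against an allowlist with expected value types, and the obsolete keys "PageSettings" and "PrinterSettings" are reset regardless of their content. The key names come from the advisory; the value types, the defaults, the sample project block and the function name `load_page_setup` are assumptions made for the example.

```python
"""Hardened loader for a "Project Options -> Page Setup" block.

Added example illustrating the advisory's remediation; not CODESYS code.
Assumptions (not from the advisory): the block is modelled as a JSON
object keyed by option name, kept options hold plain strings/booleans.
"""
import json
from typing import Any

# Keys the advisory says the fixed version treats as obsolete and resets.
OBSOLETE_KEYS = frozenset({"PageSettings", "PrinterSettings"})

# Keys the advisory says are kept. Allowed value types are an assumption;
# the point is that only primitive data, never a type name, is accepted.
KEPT_SCHEMA: dict[str, type] = {
    "Header": str,
    "Footer": str,
    "TitlePage": bool,
    "Document": str,
}

# Defaults used when a kept key is missing (assumed values).
DEFAULTS: dict[str, Any] = {
    "Header": "",
    "Footer": "",
    "TitlePage": False,
    "Document": "",
}

# Constructed sample: an older project whose block still carries the two
# obsolete keys as opaque blobs (placeholders, not real serialized data)
# plus an unexpected key that a strict loader must not act on.
SAMPLE_PAGE_SETUP = json.dumps({
    "Header": "Project: pump_station",
    "Footer": "Page {page} of {pages}",
    "TitlePage": True,
    "Document": "A4",
    "PageSettings": "<opaque-blob-placeholder>",
    "PrinterSettings": "<opaque-blob-placeholder>",
    "Macro": {"run": "anything"},
})


def load_page_setup(raw: str) -> tuple[dict[str, Any], list[str]]:
    """Parse the page-setup block with a data-only parser and an allowlist.

    Returns (options, dropped): `options` holds only allowlisted keys with
    values of the expected type, `dropped` names every key that was reset
    or discarded. Nothing in the file can select a type or trigger code.
    """
    try:
        data = json.loads(raw)
    except json.JSONDecodeError as exc:
        raise ValueError(f"page setup is not well-formed JSON: {exc}") from exc
    if not isinstance(data, dict):
        raise ValueError("page setup must be a JSON object")

    options = dict(DEFAULTS)
    dropped: list[str] = []
    for key, value in data.items():
        if key in OBSOLETE_KEYS:
            # Reset unconditionally, as the fixed version does; the old
            # content is never inspected, let alone deserialized.
            dropped.append(key)
            continue
        expected = KEPT_SCHEMA.get(key)
        if expected is None or not isinstance(value, expected):
            # Unknown key or wrong value type: ignore rather than trust.
            dropped.append(key)
            continue
        options[key] = value
    return options, dropped


if __name__ == "__main__":
    kept, reset = load_page_setup(SAMPLE_PAGE_SETUP)
    print("kept options:", kept)
    print("reset/dropped keys:", reset)
```

Running the block on the constructed sample keeps Header, Footer, TitlePage and Document and reports PageSettings, PrinterSettings and the unknown Macro key as dropped; a block that is not a JSON object is rejected outright instead of being partially honoured. The design choice that matters is the allowlist with fixed value types: a loader that asks the file which type to instantiate is exactly the pattern CWE-502 describes.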

The CODESYS Development System can be downloaded and installed directly with the CODESYS Installer, or downloaded from the CODESYS Store. Alternatively, and for all other products, further information on obtaining the software update is available in the CODESYS Update area at https://www.codesys.com/download/.

Acknowledgments

CODESYS GmbH thanks the following parties for their efforts:

  • CERT@VDE for coordination (see https://www.certvde.com)
  • MengyuXia from Beijing Aerospace Wanyuan Science & Technology Co, Ltd. for reporting

Revision History

Version Date Summary
1.0.0 12/01/2025 11:00 Initial revision.