7.5
CVE-2020-15806
- EPSS 0.59%
- Veröffentlicht 22.07.2020 19:15:12
- Zuletzt bearbeitet 21.11.2024 05:06:13
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Memory Allocation.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Codesys ≫ Control For Beaglebone Version < 3.5.16.10
Codesys ≫ Control For Empc-a/imx6 Version < 3.5.16.10
Codesys ≫ Control For Iot2000 Version < 3.5.16.10
Codesys ≫ Control For Linux Version < 3.5.16.10
Codesys ≫ Control For Pfc100 Version < 3.5.16.10
Codesys ≫ Control For Pfc200 Version < 3.5.16.10
Codesys ≫ Control For Plcnext Version < 3.5.16.10
Codesys ≫ Control For Raspberry Pi Version < 3.5.16.10
Codesys ≫ Control For Wago Touch Panels 600 Version < 3.5.16.10
Codesys ≫ Control Rte SwPlatform- Version >= 3.5.8.60 < 3.5.16.10
Codesys ≫ Control Rte SwPlatformbeckhoff_cx Version >= 3.5.8.60 < 3.5.16.10
Codesys ≫ Control Runtime System Toolkit Version >= 3.0 < 3.5.16.10
Codesys ≫ Control Win Version >= 3.5.9.80 < 3.5.16.10
Codesys ≫ Embedded Target Visu Toolkit Version >= 3.0 < 3.5.16.10
Codesys ≫ Remote Target Visu Toolkit Version >= 3.0 < 3.5.16.10
Codesys ≫ Simulation Runtime Version >= 3.5.9.40 < 3.5.16.10
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.59% | 0.682 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.