CVE-2025-41659
- EPSS 0.03%
- Veröffentlicht 04.08.2025 08:15:48
- Zuletzt bearbeitet 04.08.2025 15:06:15
A low-privileged attacker can remotely access the PKI folder of the CODESYS Control runtime system and thus read and write certificates and its keys. This allows sensitive data to be extracted or to accept certificates as trusted. Although all servic...
CVE-2025-41691
- EPSS 0.12%
- Veröffentlicht 04.08.2025 08:15:48
- Zuletzt bearbeitet 04.08.2025 15:06:15
An unauthenticated remote attacker may trigger a NULL pointer dereference in the affected CODESYS Control runtime systems by sending specially crafted communication requests, potentially leading to a denial-of-service (DoS) condition.
CVE-2023-5751
- EPSS 0.07%
- Veröffentlicht 04.06.2024 09:15:09
- Zuletzt bearbeitet 21.11.2024 08:42:24
A local attacker with low privileges can read and modify any users files and cause a DoS in the working directory of the affected products due to exposure of resource to wrong sphere.
CVE-2022-22508
- EPSS 0.11%
- Veröffentlicht 15.05.2023 10:15:09
- Zuletzt bearbeitet 21.11.2024 06:46:54
Improper Input Validation vulnerability in multiple CODESYS V3 products allows an authenticated remote attacker to block consecutive logins of a specific type.