CVE-2025-41659
- EPSS 0.03%
- Published 04.08.2025 08:15:48
- Last modified 04.08.2025 15:06:15
A low-privileged attacker can remotely access the PKI folder of the CODESYS Control runtime system and thus read and write certificates and its keys. This allows sensitive data to be extracted or to accept certificates as trusted. Although all servic...
CVE-2025-41691
- EPSS 0.12%
- Published 04.08.2025 08:15:48
- Last modified 04.08.2025 15:06:15
An unauthenticated remote attacker may trigger a NULL pointer dereference in the affected CODESYS Control runtime systems by sending specially crafted communication requests, potentially leading to a denial-of-service (DoS) condition.
CVE-2023-5751
- EPSS 0.07%
- Published 04.06.2024 09:15:09
- Last modified 21.11.2024 08:42:24
A local attacker with low privileges can read and modify any users files and cause a DoS in the working directory of the affected products due to exposure of resource to wrong sphere.
CVE-2022-22508
- EPSS 0.11%
- Published 15.05.2023 10:15:09
- Last modified 21.11.2024 06:46:54
Improper Input Validation vulnerability in multiple CODESYS V3 products allows an authenticated remote attacker to block consecutive logins of a specific type.