CVE-2022-22517
- EPSS 1.27%
- Veröffentlicht 07.04.2022 19:15:08
- Zuletzt bearbeitet 21.11.2024 06:46:56
An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS products by guessing a valid channel ID and injecting packets. This results in the communication channel to be closed.
CVE-2022-22518
- EPSS 0.59%
- Veröffentlicht 07.04.2022 19:15:08
- Zuletzt bearbeitet 21.11.2024 06:46:56
A bug in CmpUserMgr component can lead to only partially applied security policies. This can result in enabled, anonymous access to components part of the applied security policy.
CVE-2022-22519
- EPSS 1.4%
- Veröffentlicht 07.04.2022 19:15:08
- Zuletzt bearbeitet 21.11.2024 06:46:56
A remote, unauthenticated attacker can send a specific crafted HTTP or HTTPS requests causing a buffer over-read resulting in a crash of the webserver of the CODESYS Control runtime system.
CVE-2021-29242
- EPSS 1.07%
- Veröffentlicht 03.05.2021 14:15:07
- Zuletzt bearbeitet 21.11.2024 06:00:52
CODESYS Control Runtime system before 3.5.17.0 has improper input validation. Attackers can send crafted communication packets to change the router's addressing scheme and may re-route, add, remove or change low level communication packages.
CVE-2021-29241
- EPSS 1.42%
- Veröffentlicht 03.05.2021 14:15:07
- Zuletzt bearbeitet 29.05.2026 15:16:20
CODESYS Gateway 3 before 3.5.16.70 has a NULL pointer dereference that may result in a denial of service (DoS).
CVE-2019-9012
- EPSS 1.75%
- Veröffentlicht 15.08.2019 18:15:23
- Zuletzt bearbeitet 21.11.2024 04:50:48
An issue was discovered in 3S-Smart CODESYS V3 products. A crafted communication request may cause uncontrolled memory allocations in the affected CODESYS products and may result in a denial-of-service condition. All variants of the following CODESYS...
CVE-2019-9010
- EPSS 1.92%
- Veröffentlicht 15.08.2019 18:15:23
- Zuletzt bearbeitet 21.11.2024 04:50:48
An issue was discovered in 3S-Smart CODESYS V3 products. The CODESYS Gateway does not correctly verify the ownership of a communication channel. All variants of the following CODESYS V3 products in all versions prior to v3.5.14.20 that contain the Cm...
CVE-2019-9013
- EPSS 0.3%
- Veröffentlicht 15.08.2019 17:15:13
- Zuletzt bearbeitet 21.11.2024 04:50:48
An issue was discovered in 3S-Smart CODESYS V3 products. The application may utilize non-TLS based encryption, which results in user credentials being insufficiently protected during transport. All variants of the following CODESYS V3 products in all...
CVE-2018-20026
- EPSS 3.04%
- Veröffentlicht 19.02.2019 21:29:00
- Zuletzt bearbeitet 21.11.2024 04:00:47
Improper Communication Address Filtering exists in CODESYS V3 products versions prior V3.5.14.0.
CVE-2018-20025
- EPSS 2.56%
- Veröffentlicht 19.02.2019 21:29:00
- Zuletzt bearbeitet 21.11.2024 04:00:46
Use of Insufficiently Random Values exists in CODESYS V3 products versions prior V3.5.14.0.