Codesys

Control For Pfc200 Sl

63 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.62%
  • Veröffentlicht 25.09.2024 08:15:04
  • Zuletzt bearbeitet 15.04.2026 00:35:42

An unauthenticated remote attacker can causes the CODESYS web server to access invalid memory which results in a DoS.

  • EPSS 0.57%
  • Veröffentlicht 04.06.2024 09:15:09
  • Zuletzt bearbeitet 15.04.2026 00:35:42

An unauthenticated remote attacker can use a malicious OPC UA client to send a crafted request to affected CODESYS products which can cause a DoS due to incorrect calculation of buffer size.

  • EPSS 0.96%
  • Veröffentlicht 05.12.2023 15:15:08
  • Zuletzt bearbeitet 21.11.2024 08:43:41

A low-privileged remote attacker could exploit the vulnerability and inject additional system commands via file system libraries which could give the attacker full control of the device.

  • EPSS 0.66%
  • Veröffentlicht 03.08.2023 13:15:09
  • Zuletzt bearbeitet 21.11.2024 07:34:30

In CODESYS Control in multiple versions a improper restriction of operations within the bounds of a memory buffer allow an remote attacker with user privileges to gain full access of the device.

  • EPSS 0.52%
  • Veröffentlicht 03.08.2023 12:15:10
  • Zuletzt bearbeitet 21.11.2024 08:11:56

After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, pot...

  • EPSS 0.52%
  • Veröffentlicht 03.08.2023 12:15:10
  • Zuletzt bearbeitet 21.11.2024 08:11:55

In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potenti...

  • EPSS 0.52%
  • Veröffentlicht 03.08.2023 12:15:10
  • Zuletzt bearbeitet 21.11.2024 08:11:55

In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potenti...

  • EPSS 0.41%
  • Veröffentlicht 03.08.2023 12:15:10
  • Zuletzt bearbeitet 21.11.2024 08:11:55

In multiple Codesys products in multiple versions, after successful authentication as a user, specially crafted network communication requests can utilize the CmpApp component to download files with any file extensions to the controller. In contrast ...

  • EPSS 0.52%
  • Veröffentlicht 03.08.2023 12:15:10
  • Zuletzt bearbeitet 21.11.2024 08:11:55

In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, poten...

  • EPSS 0.52%
  • Veröffentlicht 03.08.2023 12:15:10
  • Zuletzt bearbeitet 21.11.2024 08:11:55

In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, poten...