Codesys

Control For Pfc200 Sl

63 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.59%
  • Veröffentlicht 07.04.2022 19:15:08
  • Zuletzt bearbeitet 21.11.2024 06:46:56

A bug in CmpUserMgr component can lead to only partially applied security policies. This can result in enabled, anonymous access to components part of the applied security policy.

  • EPSS 1.27%
  • Veröffentlicht 07.04.2022 19:15:08
  • Zuletzt bearbeitet 21.11.2024 06:46:56

An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS products by guessing a valid channel ID and injecting packets. This results in the communication channel to be closed.

  • EPSS 1.07%
  • Veröffentlicht 07.04.2022 19:15:08
  • Zuletzt bearbeitet 21.11.2024 06:46:56

A remote, authenticated attacker could utilize the control program of the CODESYS Control runtime system to use the vulnerability in order to read and modify the configuration file(s) of the affected products.

  • EPSS 0.86%
  • Veröffentlicht 07.04.2022 19:15:08
  • Zuletzt bearbeitet 21.11.2024 06:46:56

An authenticated, remote attacker can gain access to a dereferenced pointer contained in a request. The accesses can subsequently lead to local overwriting of memory in the CmpTraceMgr, whereby the attacker can neither gain the values read internally...

  • EPSS 1%
  • Veröffentlicht 07.04.2022 19:15:08
  • Zuletzt bearbeitet 21.11.2024 06:46:55

An authenticated remote attacker can cause a null pointer dereference in the CmpSettings component of the affected CODESYS products which leads to a crash.

  • EPSS 1.07%
  • Veröffentlicht 03.05.2021 14:15:07
  • Zuletzt bearbeitet 21.11.2024 06:00:52

CODESYS Control Runtime system before 3.5.17.0 has improper input validation. Attackers can send crafted communication packets to change the router's addressing scheme and may re-route, add, remove or change low level communication packages.

  • EPSS 1.42%
  • Veröffentlicht 03.05.2021 14:15:07
  • Zuletzt bearbeitet 29.05.2026 15:16:20

CODESYS Gateway 3 before 3.5.16.70 has a NULL pointer dereference that may result in a denial of service (DoS).

  • EPSS 1.75%
  • Veröffentlicht 15.08.2019 18:15:23
  • Zuletzt bearbeitet 21.11.2024 04:50:48

An issue was discovered in 3S-Smart CODESYS V3 products. A crafted communication request may cause uncontrolled memory allocations in the affected CODESYS products and may result in a denial-of-service condition. All variants of the following CODESYS...

  • EPSS 1.92%
  • Veröffentlicht 15.08.2019 18:15:23
  • Zuletzt bearbeitet 21.11.2024 04:50:48

An issue was discovered in 3S-Smart CODESYS V3 products. The CODESYS Gateway does not correctly verify the ownership of a communication channel. All variants of the following CODESYS V3 products in all versions prior to v3.5.14.20 that contain the Cm...

  • EPSS 0.3%
  • Veröffentlicht 15.08.2019 17:15:13
  • Zuletzt bearbeitet 21.11.2024 04:50:48

An issue was discovered in 3S-Smart CODESYS V3 products. The application may utilize non-TLS based encryption, which results in user credentials being insufficiently protected during transport. All variants of the following CODESYS V3 products in all...