Codesys

Control Runtime System Toolkit

52 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2022-22519

  • EPSS 1.31%
  • Published 07.04.2022 19:15:08
  • Last modified 21.11.2024 06:46:56

A remote, unauthenticated attacker can send a specific crafted HTTP or HTTPS requests causing a buffer over-read resulting in a crash of the webserver of the CODESYS Control runtime system.

7.5

CVE-2021-36763

  • EPSS 0.32%
  • Published 03.08.2021 16:15:08
  • Last modified 21.11.2024 06:14:02

In CODESYS V3 web server before 3.5.17.10, files or directories are accessible to External Parties.

9.8

CVE-2021-33485

  • EPSS 0.54%
  • Published 03.08.2021 16:15:08
  • Last modified 21.11.2024 06:08:55

CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow.

7.5

CVE-2021-29242

  • EPSS 0.44%
  • Published 03.05.2021 14:15:07
  • Last modified 21.11.2024 06:00:52

CODESYS Control Runtime system before 3.5.17.0 has improper input validation. Attackers can send crafted communication packets to change the router's addressing scheme and may re-route, add, remove or change low level communication packages.

7.5

CVE-2021-29241

  • EPSS 0.56%
  • Published 03.05.2021 14:15:07
  • Last modified 21.11.2024 06:00:51

CODESYS Gateway 3 before 3.5.16.70 has a NULL pointer dereference that may result in a denial of service (DoS).

7.5

CVE-2020-15806

Exploit
  • EPSS 0.59%
  • Published 22.07.2020 19:15:12
  • Last modified 21.11.2024 05:06:13

CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Memory Allocation.

6.5

CVE-2020-12068

  • EPSS 0.24%
  • Published 14.05.2020 21:15:13
  • Last modified 21.11.2024 04:59:12

An issue was discovered in CODESYS Development System before 3.5.16.0. CODESYS WebVisu and CODESYS Remote TargetVisu are susceptible to privilege escalation.

10

CVE-2020-10245

Exploit
  • EPSS 0.83%
  • Published 26.03.2020 04:15:11
  • Last modified 21.11.2024 04:55:03

CODESYS V3 web server before 3.5.15.40, as used in CODESYS Control runtime systems, has a buffer overflow.

6.5

CVE-2020-7052

Exploit
  • EPSS 0.76%
  • Published 24.01.2020 20:15:10
  • Last modified 21.11.2024 05:36:34

CODESYS Control V3, Gateway V3, and HMI V3 before 3.5.15.30 allow uncontrolled memory allocation which can result in a remote denial of service condition.

9.8

CVE-2019-18858

Exploit
  • EPSS 0.52%
  • Published 20.11.2019 18:15:10
  • Last modified 21.11.2024 04:33:43

CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runtime systems, has a Buffer Overflow.