Codesys

Hmi

31 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2023-37550

  • EPSS 0.08%
  • Veröffentlicht 03.08.2023 12:15:10
  • Zuletzt bearbeitet 21.11.2024 08:11:55

In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potenti...

6.5

CVE-2023-37549

  • EPSS 0.08%
  • Veröffentlicht 03.08.2023 12:15:10
  • Zuletzt bearbeitet 21.11.2024 08:11:55

In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potenti...

6.5

CVE-2023-37548

  • EPSS 0.08%
  • Veröffentlicht 03.08.2023 12:15:09
  • Zuletzt bearbeitet 21.11.2024 08:11:54

In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potenti...

6.5

CVE-2023-37547

  • EPSS 0.08%
  • Veröffentlicht 03.08.2023 12:15:09
  • Zuletzt bearbeitet 21.11.2024 08:11:54

In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potenti...

6.5

CVE-2023-37546

  • EPSS 0.08%
  • Veröffentlicht 03.08.2023 12:15:09
  • Zuletzt bearbeitet 21.11.2024 08:11:54

In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potenti...

6.5

CVE-2023-37545

  • EPSS 0.08%
  • Veröffentlicht 03.08.2023 11:15:09
  • Zuletzt bearbeitet 21.11.2024 08:11:54

In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potenti...

8.8

CVE-2018-25048

  • EPSS 0.46%
  • Veröffentlicht 23.03.2023 11:15:12
  • Zuletzt bearbeitet 21.11.2024 04:03:26

The CODESYS runtime system in multiple versions allows an remote low privileged attacker to use a path traversal vulnerability to access and modify all system files as well as DoS the device.

5

CVE-2022-30792

  • EPSS 0.54%
  • Veröffentlicht 11.07.2022 11:15:08
  • Zuletzt bearbeitet 21.11.2024 07:03:23

In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new communication channel connections. Existing connections are not affected.

5

CVE-2022-30791

  • EPSS 0.39%
  • Veröffentlicht 11.07.2022 11:15:08
  • Zuletzt bearbeitet 21.11.2024 07:03:23

In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new TCP connections. Existing connections are not affected.

7.5

CVE-2021-36763

  • EPSS 0.32%
  • Veröffentlicht 03.08.2021 16:15:08
  • Zuletzt bearbeitet 21.11.2024 06:14:02

In CODESYS V3 web server before 3.5.17.10, files or directories are accessible to External Parties.