VYPR
Critical severity9.8NVD Advisory· Published Jan 21, 2013· Updated Jun 16, 2026

CVE-2012-6068

CVE-2012-6068

Description

The Runtime Toolkit in CODESYS Runtime System 2.3.x and 2.4.x does not require authentication, which allows remote attackers to execute commands via the command-line interface in the TCP listener service or transfer files via requests to the TCP listener service.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • cpe:2.3:a:3s-software:codesys_runtime_system:2.3.9.35:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:3s-software:codesys_runtime_system:2.3.9.35:*:*:*:*:*:*:*
    • cpe:2.3:a:3s-software:codesys_runtime_system:2.3.9.36:*:*:*:*:*:*:*
    • cpe:2.3:a:3s-software:codesys_runtime_system:2.3.9.37:*:*:*:*:*:*:*
    • cpe:2.3:a:3s-software:codesys_runtime_system:2.3.9.8:*:*:*:*:*:*:*
    • cpe:2.3:a:3s-software:codesys_runtime_system:2.4.0:*:*:*:*:*:*:*
  • Range: 2.3.x, 2.4.x

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.