High severity7.5NVD Advisory· Published May 3, 2021· Updated May 29, 2026

CVE-2021-29241

Description

CODESYS Gateway 3 before 3.5.16.70 has a NULL pointer dereference that may result in a denial of service (DoS).

Affected products

Codesys/Control For Beaglebone Sl
cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*
Range: >=3.0,<4.0.1.0
Codesys/Control For Empc A\/imx6 Sl
cpe:2.3:a:codesys:control_for_empc-a\/imx6_sl:*:*:*:*:*:*:*:*
Range: >=3.0,<4.0.1.0
Codesys/Control For Pfc200 Sl2 versions
cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*range: >=3.0,<4.0.1.0
- cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*range: >=3.0,<3.5.16.0
Codesys/Control For Linux Sl
cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*
Range: >=3.0,<4.0.1.0
Codesys/Control For Pfc100 Sl
cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*
Range: >=3.0,<3.5.16.0
Codesys/Control For Raspberry Pi Sl
cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*
Range: >=3.0,<4.0.1.0
Codesys/Control V3 Runtime System Toolkit
cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*
Range: >=3.0,<3.5.16.70
Codesys/Development System
cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*
Range: >=3.0,<3.5.16.70
Codesys/Edge Gateway2 versions
cpe:2.3:a:codesys:edge_gateway:*:*:*:*:*:linux:*:*+ 1 more
- cpe:2.3:a:codesys:edge_gateway:*:*:*:*:*:linux:*:*range: >=3.0,<4.1.0.0
- cpe:2.3:a:codesys:edge_gateway:*:*:*:*:*:windows:*:*range: >=3.0,<3.5.16.70
Codesys/Gateway V32 versions
cpe:2.3:a:codesys:gateway:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:codesys:gateway:*:*:*:*:*:*:*:*range: >=3.0,<3.5.16.70
- (no CPE)range: <3.5.16.70
CODESYS/Gateway 3description

cvss	0.488
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000

CVE-2021-29241

Description

Affected products

Patches

Vulnerability mechanics

References

News mentions