VYPR

Control Runtime

by Codesys

CVEs (3)

  • CVE-2025-41738HigDec 1, 2025
    risk 0.49cvss 7.5epss 0.00

    An unauthenticated remote attacker may cause the visualisation server of the CODESYS Control runtime system to access a resource with a pointer of wrong type, potentially leading to a denial-of-service (DoS) condition.

  • CVE-2025-41691HigAug 4, 2025
    risk 0.49cvss 7.5epss 0.01

    An unauthenticated remote attacker may trigger a NULL pointer dereference in the affected CODESYS Control runtime systems by sending specially crafted communication requests, potentially leading to a denial-of-service (DoS) condition.

  • CVE-2019-9009HigSep 17, 2019
    risk 0.49cvss 7.5epss 0.02

    An issue was discovered in 3S-Smart CODESYS before 3.5.15.0 . Crafted network packets cause the Control Runtime to crash.