Control Runtime
by Codesys
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-41738 | Hig | 0.49 | 7.5 | 0.00 | Dec 1, 2025 | An unauthenticated remote attacker may cause the visualisation server of the CODESYS Control runtime system to access a resource with a pointer of wrong type, potentially leading to a denial-of-service (DoS) condition. | ||
| CVE-2025-41691 | Hig | 0.49 | 7.5 | 0.01 | Aug 4, 2025 | An unauthenticated remote attacker may trigger a NULL pointer dereference in the affected CODESYS Control runtime systems by sending specially crafted communication requests, potentially leading to a denial-of-service (DoS) condition. | ||
| CVE-2019-9009 | Hig | 0.49 | 7.5 | 0.02 | Sep 17, 2019 | An issue was discovered in 3S-Smart CODESYS before 3.5.15.0 . Crafted network packets cause the Control Runtime to crash. |
- risk 0.49cvss 7.5epss 0.00
An unauthenticated remote attacker may cause the visualisation server of the CODESYS Control runtime system to access a resource with a pointer of wrong type, potentially leading to a denial-of-service (DoS) condition.
- risk 0.49cvss 7.5epss 0.01
An unauthenticated remote attacker may trigger a NULL pointer dereference in the affected CODESYS Control runtime systems by sending specially crafted communication requests, potentially leading to a denial-of-service (DoS) condition.
- risk 0.49cvss 7.5epss 0.02
An issue was discovered in 3S-Smart CODESYS before 3.5.15.0 . Crafted network packets cause the Control Runtime to crash.