VYPR

CODESYS V3

by 3S Smart Software Solutions

CVEs (3)

  • CVE-2018-10612CriJan 29, 2019
    risk 0.64cvss 9.8epss 0.01

    In 3S-Smart Software Solutions GmbH CODESYS Control V3 products prior to version 3.5.14.0, user access management and communication encryption is not enabled by default, which could allow an attacker access to the device and sensitive information, including user credentials.

  • CVE-2019-9013HigAug 15, 2019
    risk 0.57cvss 8.8epss 0.00

    An issue was discovered in 3S-Smart CODESYS V3 products. The application may utilize non-TLS based encryption, which results in user credentials being insufficiently protected during transport. All variants of the following CODESYS V3 products in all versions containing the…

  • CVE-2019-5105HigMar 26, 2020
    risk 0.49cvss 7.5epss 0.02

    An exploitable memory corruption vulnerability exists in the Name Service Client functionality of 3S-Smart Software Solutions CODESYS GatewayService. A specially crafted packet can cause a large memcpy, resulting in an access violation and termination of the process. An attacker…