V3

CVEs (26)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2024-41969	Codesys V3	Hig	0.57	8.8	0.01	Nov 18, 2024	A low privileged remote attacker may modify the configuration of the CODESYS V3 service through a missing authentication vulnerability which could lead to full system access and/or DoS.
CVE-2023-37553	Codesys Codesys Control For Raspberry Pi Sl		0.00	—	0.00	Aug 3, 2023	In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a…
CVE-2022-47388	Codesys Codesys Control For Raspberry Pi Sl		0.00	—	0.02	May 15, 2023	An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote…
CVE-2022-47383	Codesys Codesys Control For Raspberry Pi Sl		0.00	—	0.02	May 15, 2023	An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote…
CVE-2022-47379	Codesys Codesys Control For Raspberry Pi Sl		0.00	—	0.02	May 15, 2023	An authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
CVE-2022-22508	Codesys Codesys Control For Plcnext Sl		0.00	—	0.00	May 15, 2023	Improper Input Validation vulnerability in multiple CODESYS V3 products allows an authenticated remote attacker to block consecutive logins of a specific type.
CVE-2022-4224	Codesys Control For Wago Touch Panels 600 Sl		0.00	—	0.01	Mar 23, 2023	In multiple products of CODESYS v3 in multiple versions a remote low privileged user could utilize this vulnerability to read and modify system files and OS resources or DoS the device.
CVE-2018-25048	Codesys Control V3 Runtime System Toolkit		0.00	—	0.01	Mar 23, 2023	The CODESYS runtime system in multiple versions allows an remote low privileged attacker to use a path traversal vulnerability to access and modify all system files as well as DoS the device.
CVE-2020-12069	Codesys Codesys V3 Containing The Cmpusermgr		0.00	—	0.00	Dec 26, 2022	In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm. This can be used by a local attacker with low privileges to gain full control of the…
CVE-2022-30792	Codesys Codesys Control For Raspberry Pi Sl		0.00	—	0.00	Jul 11, 2022	In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new communication channel connections. Existing connections are not affected.
CVE-2022-32143	Codesys Runtime Toolkit		0.00	—	0.01	Jun 24, 2022	In multiple CODESYS products, file download and upload function allows access to internal files in the working directory e.g. firmware files of the PLC. All requests are processed on the controller only if no level 1 password is configured on the controller or if remote attacker…
CVE-2022-32141	Codesys Runtime Toolkit		0.00	—	0.00	Jun 24, 2022	Multiple CODESYS Products are prone to a buffer over read. A low privileged remote attacker may craft a request with an invalid offset, which can cause an internal buffer over-read, resulting in a denial-of-service condition. User interaction is not required.
CVE-2022-32137	Codesys Runtime Toolkit		0.00	—	0.01	Jun 24, 2022	In multiple CODESYS products, a low privileged remote attacker may craft a request, which may cause a heap-based buffer overflow, resulting in a denial-of-service condition or memory overwrite. User interaction is not required.
CVE-2022-32136	Codesys Runtime Toolkit		0.00	—	0.00	Jun 24, 2022	In multiple CODESYS products, a low privileged remote attacker may craft a request that cause a read access to an uninitialized pointer, resulting in a denial-of-service. User interaction is not required.
CVE-2021-34596	Codesys V3		0.00	—	0.00	Oct 26, 2021	A crafted request may cause a read access to an uninitialized pointer in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition.
CVE-2021-34595	Codesys V3		0.00	—	0.00	Oct 26, 2021	A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition or local memory overwrite.
CVE-2021-34593	Codesys V3		0.00	—	0.04	Oct 26, 2021	In CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56 unauthenticated crafted invalid requests may result in several denial-of-service conditions. Running PLC programs may be stopped, memory may be leaked, or further communication clients may be…
CVE-2021-34586	Codesys V3		0.00	—	0.00	Oct 26, 2021	In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests may cause a Null pointer dereference in the CODESYS web server and may result in a denial-of-service condition.
CVE-2021-34585	Codesys Web Server		0.00	—	0.00	Oct 26, 2021	In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests can trigger a parser error. Since the parser result is not checked under all conditions, a pointer dereference with an invalid address can occur. This leads to a denial of service situation.
CVE-2021-34584	Codesys Web Server		0.00	—	0.01	Oct 26, 2021	Crafted web server requests can be utilised to read partial stack or heap memory or may trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22.

CVE-2024-41969HigNov 18, 2024
Codesys
V3
risk 0.57cvss 8.8epss 0.01
A low privileged remote attacker may modify the configuration of the CODESYS V3 service through a missing authentication vulnerability which could lead to full system access and/or DoS.
CVE-2023-37553Aug 3, 2023
Codesys
Codesys Control For Raspberry Pi Sl
risk 0.00cvss —epss 0.00
In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a…
CVE-2022-47388May 15, 2023
Codesys
Codesys Control For Raspberry Pi Sl
risk 0.00cvss —epss 0.02
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote…
CVE-2022-47383May 15, 2023
Codesys
Codesys Control For Raspberry Pi Sl
risk 0.00cvss —epss 0.02
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote…
CVE-2022-47379May 15, 2023
Codesys
Codesys Control For Raspberry Pi Sl
risk 0.00cvss —epss 0.02
An authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
CVE-2022-22508May 15, 2023
Codesys
Codesys Control For Plcnext Sl
risk 0.00cvss —epss 0.00
Improper Input Validation vulnerability in multiple CODESYS V3 products allows an authenticated remote attacker to block consecutive logins of a specific type.
CVE-2022-4224Mar 23, 2023
Codesys
Control For Wago Touch Panels 600 Sl
risk 0.00cvss —epss 0.01
In multiple products of CODESYS v3 in multiple versions a remote low privileged user could utilize this vulnerability to read and modify system files and OS resources or DoS the device.
CVE-2018-25048Mar 23, 2023
Codesys
Control V3 Runtime System Toolkit
risk 0.00cvss —epss 0.01
The CODESYS runtime system in multiple versions allows an remote low privileged attacker to use a path traversal vulnerability to access and modify all system files as well as DoS the device.
CVE-2020-12069Dec 26, 2022
Codesys
Codesys V3 Containing The Cmpusermgr
risk 0.00cvss —epss 0.00
In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm. This can be used by a local attacker with low privileges to gain full control of the…
CVE-2022-30792Jul 11, 2022
Codesys
Codesys Control For Raspberry Pi Sl
risk 0.00cvss —epss 0.00
In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new communication channel connections. Existing connections are not affected.
CVE-2022-32143Jun 24, 2022
Codesys
Runtime Toolkit
risk 0.00cvss —epss 0.01
In multiple CODESYS products, file download and upload function allows access to internal files in the working directory e.g. firmware files of the PLC. All requests are processed on the controller only if no level 1 password is configured on the controller or if remote attacker…
CVE-2022-32141Jun 24, 2022
Codesys
Runtime Toolkit
risk 0.00cvss —epss 0.00
Multiple CODESYS Products are prone to a buffer over read. A low privileged remote attacker may craft a request with an invalid offset, which can cause an internal buffer over-read, resulting in a denial-of-service condition. User interaction is not required.
CVE-2022-32137Jun 24, 2022
Codesys
Runtime Toolkit
risk 0.00cvss —epss 0.01
In multiple CODESYS products, a low privileged remote attacker may craft a request, which may cause a heap-based buffer overflow, resulting in a denial-of-service condition or memory overwrite. User interaction is not required.
CVE-2022-32136Jun 24, 2022
Codesys
Runtime Toolkit
risk 0.00cvss —epss 0.00
In multiple CODESYS products, a low privileged remote attacker may craft a request that cause a read access to an uninitialized pointer, resulting in a denial-of-service. User interaction is not required.
CVE-2021-34596Oct 26, 2021
Codesys
V3
risk 0.00cvss —epss 0.00
A crafted request may cause a read access to an uninitialized pointer in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition.
CVE-2021-34595Oct 26, 2021
Codesys
V3
risk 0.00cvss —epss 0.00
A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition or local memory overwrite.
CVE-2021-34593Oct 26, 2021
Codesys
V3
risk 0.00cvss —epss 0.04
In CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56 unauthenticated crafted invalid requests may result in several denial-of-service conditions. Running PLC programs may be stopped, memory may be leaked, or further communication clients may be…
CVE-2021-34586Oct 26, 2021
Codesys
V3
risk 0.00cvss —epss 0.00
In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests may cause a Null pointer dereference in the CODESYS web server and may result in a denial-of-service condition.
CVE-2021-34585Oct 26, 2021
Codesys
Web Server
risk 0.00cvss —epss 0.00
In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests can trigger a parser error. Since the parser result is not checked under all conditions, a pointer dereference with an invalid address can occur. This leads to a denial of service situation.
CVE-2021-34584Oct 26, 2021
Codesys
Web Server
risk 0.00cvss —epss 0.01
Crafted web server requests can be utilised to read partial stack or heap memory or may trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22.

Page 1 of 2