V3
by Codesys
CVEs (32)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-34584 | Cri | 0.59 | 9.1 | 0.01 | Oct 26, 2021 | Crafted web server requests can be utilised to read partial stack or heap memory or may trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22. | ||
| CVE-2024-41969 | Hig | 0.57 | 8.8 | 0.00 | Nov 18, 2024 | A low privileged remote attacker may modify the configuration of the CODESYS V3 service through a missing authentication vulnerability which could lead to full system access and/or DoS. | ||
| CVE-2022-47390 | Hig | 0.57 | 8.8 | 0.01 | May 15, 2023 | An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote… | ||
| CVE-2022-47389 | Hig | 0.57 | 8.8 | 0.01 | May 15, 2023 | An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote… | ||
| CVE-2022-47386 | Hig | 0.57 | 8.8 | 0.01 | May 15, 2023 | An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote… | ||
| CVE-2022-47383 | Hig | 0.57 | 8.8 | 0.01 | May 15, 2023 | An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote… | ||
| CVE-2022-47382 | Hig | 0.57 | 8.8 | 0.01 | May 15, 2023 | An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote… | ||
| CVE-2022-47381 | Hig | 0.57 | 8.8 | 0.01 | May 15, 2023 | An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | ||
| CVE-2022-47380 | Hig | 0.57 | 8.8 | 0.01 | May 15, 2023 | An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | ||
| CVE-2022-47379 | Hig | 0.57 | 8.8 | 0.02 | May 15, 2023 | An authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead to a denial-of-service condition, memory overwriting, or remote code execution. | ||
| CVE-2022-4224 | Hig | 0.57 | 8.8 | 0.01 | Mar 23, 2023 | In multiple products of CODESYS v3 in multiple versions a remote low privileged user could utilize this vulnerability to read and modify system files and OS resources or DoS the device. | ||
| CVE-2019-9008 | Hig | 0.57 | 8.8 | 0.02 | Sep 17, 2019 | An issue was discovered in 3S-Smart CODESYS V3 through 3.5.12.30. A user with low privileges can take full control over the runtime. | ||
| CVE-2019-9013 | Hig | 0.57 | 8.8 | 0.00 | Aug 15, 2019 | An issue was discovered in 3S-Smart CODESYS V3 products. The application may utilize non-TLS based encryption, which results in user credentials being insufficiently protected during transport. All variants of the following CODESYS V3 products in all versions containing the… | ||
| CVE-2022-1965 | Hig | 0.53 | 8.1 | 0.01 | Jun 24, 2022 | Multiple products of CODESYS implement a improper error handling. A low privilege remote attacker may craft a request, which is not properly processed by the error handling. In consequence, the file referenced by the request could be deleted. User interaction is not required. | ||
| CVE-2021-34595 | Hig | 0.53 | 8.1 | 0.01 | Oct 26, 2021 | A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition or local memory overwrite. | ||
| CVE-2020-12069 | Hig | 0.51 | 7.8 | 0.00 | Dec 26, 2022 | In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm. This can be used by a local attacker with low privileges to gain full control of the… | ||
| CVE-2021-34586 | Hig | 0.50 | 7.5 | 0.13 | Oct 26, 2021 | In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests may cause a Null pointer dereference in the CODESYS web server and may result in a denial-of-service condition. | ||
| CVE-2022-47391 | Hig | 0.49 | 7.5 | 0.02 | May 15, 2023 | In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use a improper input validation vulnerability to read from invalid addresses leading to a denial of service. | ||
| CVE-2022-30791 | Hig | 0.49 | 7.5 | 0.01 | Jul 11, 2022 | In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new TCP connections. Existing connections are not affected. | ||
| CVE-2022-22517 | Hig | 0.49 | 7.5 | 0.01 | Apr 7, 2022 | An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS products by guessing a valid channel ID and injecting packets. This results in the communication channel to be closed. |
- risk 0.59cvss 9.1epss 0.01
Crafted web server requests can be utilised to read partial stack or heap memory or may trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22.
- risk 0.57cvss 8.8epss 0.00
A low privileged remote attacker may modify the configuration of the CODESYS V3 service through a missing authentication vulnerability which could lead to full system access and/or DoS.
- risk 0.57cvss 8.8epss 0.01
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote…
- risk 0.57cvss 8.8epss 0.01
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote…
- risk 0.57cvss 8.8epss 0.01
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote…
- risk 0.57cvss 8.8epss 0.01
An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote…
- risk 0.57cvss 8.8epss 0.01
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote…
- risk 0.57cvss 8.8epss 0.01
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
- risk 0.57cvss 8.8epss 0.01
An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
- risk 0.57cvss 8.8epss 0.02
An authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead to a denial-of-service condition, memory overwriting, or remote code execution.
- risk 0.57cvss 8.8epss 0.01
In multiple products of CODESYS v3 in multiple versions a remote low privileged user could utilize this vulnerability to read and modify system files and OS resources or DoS the device.
- risk 0.57cvss 8.8epss 0.02
An issue was discovered in 3S-Smart CODESYS V3 through 3.5.12.30. A user with low privileges can take full control over the runtime.
- risk 0.57cvss 8.8epss 0.00
An issue was discovered in 3S-Smart CODESYS V3 products. The application may utilize non-TLS based encryption, which results in user credentials being insufficiently protected during transport. All variants of the following CODESYS V3 products in all versions containing the…
- risk 0.53cvss 8.1epss 0.01
Multiple products of CODESYS implement a improper error handling. A low privilege remote attacker may craft a request, which is not properly processed by the error handling. In consequence, the file referenced by the request could be deleted. User interaction is not required.
- risk 0.53cvss 8.1epss 0.01
A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition or local memory overwrite.
- risk 0.51cvss 7.8epss 0.00
In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm. This can be used by a local attacker with low privileges to gain full control of the…
- risk 0.50cvss 7.5epss 0.13
In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests may cause a Null pointer dereference in the CODESYS web server and may result in a denial-of-service condition.
- risk 0.49cvss 7.5epss 0.02
In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use a improper input validation vulnerability to read from invalid addresses leading to a denial of service.
- risk 0.49cvss 7.5epss 0.01
In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new TCP connections. Existing connections are not affected.
- risk 0.49cvss 7.5epss 0.01
An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS products by guessing a valid channel ID and injecting packets. This results in the communication channel to be closed.
Page 1 of 2