Lucene search

K

Codesys Security Vulnerabilities

cve
cve

CVE-2015-6460

Multiple heap-based buffer overflows in 3S-Smart CODESYS Gateway Server before 2.3.9.34 allow remote attackers to execute arbitrary code via opcode (1) 0x3ef or (2)...

8AI Score

0.111EPSS

2022-07-08 12:00 AM
29
cve
cve

CVE-2022-31804

The CODESYS Gateway Server V2 does not verifiy that the size of a request is within expected limits. An unauthenticated attacker may allocate an arbitrary amount of memory, which may lead to a crash of the Gateway due to an out-of-memory...

7.5CVSS

8AI Score

0.001EPSS

2022-06-24 08:15 AM
40
4
cve
cve

CVE-2022-31802

In CODESYS Gateway Server V2 for versions prior to V2.3.9.38 only a part of the the specified password is been compared to the real CODESYS Gateway password. An attacker may perform authentication by specifying a small password that matches the corresponding part of the longer real CODESYS Gateway....

9.8CVSS

9.6AI Score

0.002EPSS

2022-06-24 08:15 AM
38
4
cve
cve

CVE-2022-31803

In CODESYS Gateway Server V2 an insufficient check for the activity of TCP client connections allows an unauthenticated attacker to consume all available TCP connections and prevent legitimate users or clients from establishing a new connection to the CODESYS Gateway Server V2. Existing...

5.3CVSS

6.4AI Score

0.001EPSS

2022-06-24 08:15 AM
45
2
cve
cve

CVE-2022-31806

In CODESYS V2 PLCWinNT and Runtime Toolkit 32 in versions prior to V2.4.7.57 password protection is not enabled by default and there is no information or prompt to enable password protection at login in case no password is set at the...

9.8CVSS

9.5AI Score

0.002EPSS

2022-06-24 08:15 AM
44
4
cve
cve

CVE-2022-31805

In the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between clients and servers...

7.5CVSS

8AI Score

0.002EPSS

2022-06-24 08:15 AM
43
7
cve
cve

CVE-2022-22515

A remote, authenticated attacker could utilize the control program of the CODESYS Control runtime system to use the vulnerability in order to read and modify the configuration file(s) of the affected...

8.1CVSS

8.2AI Score

0.001EPSS

2022-06-01 12:00 AM
59
cve
cve

CVE-2022-22518

A bug in CmpUserMgr component can lead to only partially applied security policies. This can result in enabled, anonymous access to components part of the applied security...

6.5CVSS

6.4AI Score

0.001EPSS

2022-04-07 07:15 PM
45
cve
cve

CVE-2022-22516

The SysDrv3S driver in the CODESYS Control runtime system on Microsoft Windows allows any system user to read and write within restricted memory...

7.8CVSS

7.4AI Score

0.0004EPSS

2022-04-07 07:15 PM
54
cve
cve

CVE-2022-22519

A remote, unauthenticated attacker can send a specific crafted HTTP or HTTPS requests causing a buffer over-read resulting in a crash of the webserver of the CODESYS Control runtime...

7.5CVSS

7.7AI Score

0.003EPSS

2022-04-07 07:15 PM
99
cve
cve

CVE-2022-22513

An authenticated remote attacker can cause a null pointer dereference in the CmpSettings component of the affected CODESYS products which leads to a...

6.5CVSS

6.3AI Score

0.001EPSS

2022-04-07 07:15 PM
57
cve
cve

CVE-2022-22517

An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS products by guessing a valid channel ID and injecting packets. This results in the communication channel to be...

7.5CVSS

7.5AI Score

0.002EPSS

2022-04-07 07:15 PM
52
cve
cve

CVE-2022-22514

An authenticated, remote attacker can gain access to a dereferenced pointer contained in a request. The accesses can subsequently lead to local overwriting of memory in the CmpTraceMgr, whereby the attacker can neither gain the values read internally nor control the values to be written. If...

7.1CVSS

6.8AI Score

0.001EPSS

2022-04-07 07:15 PM
63
cve
cve

CVE-2021-34599

Affected versions of CODESYS Git in Versions prior to V1.1.0.0 lack certificate validation in HTTPS handshakes. CODESYS Git does not implement certificate validation by default, so it does not verify that the server provides a valid and trusted HTTPS certificate. Since the certificate of the...

7.4CVSS

7.3AI Score

0.001EPSS

2021-12-01 09:15 AM
14
2
cve
cve

CVE-2021-34593

In CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56 unauthenticated crafted invalid requests may result in several denial-of-service conditions. Running PLC programs may be stopped, memory may be leaked, or further communication clients may be blocked from accessing.....

7.5CVSS

7.5AI Score

0.103EPSS

2021-10-26 10:15 AM
50
2
cve
cve

CVE-2021-34595

A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition or local memory...

8.1CVSS

7.7AI Score

0.001EPSS

2021-10-26 10:15 AM
26
2
cve
cve

CVE-2021-34596

A crafted request may cause a read access to an uninitialized pointer in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service...

6.5CVSS

6.2AI Score

0.001EPSS

2021-10-26 10:15 AM
24
cve
cve

CVE-2021-34584

Crafted web server requests can be utilised to read partial stack or heap memory or may trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to...

9.1CVSS

8.8AI Score

0.003EPSS

2021-10-26 10:15 AM
31
cve
cve

CVE-2021-34583

Crafted web server requests may cause a heap-based buffer overflow and could therefore trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to...

7.5CVSS

7.6AI Score

0.002EPSS

2021-10-26 10:15 AM
20
cve
cve

CVE-2021-34586

In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests may cause a Null pointer dereference in the CODESYS web server and may result in a denial-of-service...

7.5CVSS

7.4AI Score

0.001EPSS

2021-10-26 10:15 AM
22
cve
cve

CVE-2021-34585

In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests can trigger a parser error. Since the parser result is not checked under all conditions, a pointer dereference with an invalid address can occur. This leads to a denial of service...

7.5CVSS

7.3AI Score

0.001EPSS

2021-10-26 10:15 AM
33
cve
cve

CVE-2021-21869

An unsafe deserialization vulnerability exists in the Engine.plugin ProfileInformation ProfileData functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this.....

7.8CVSS

7.7AI Score

0.001EPSS

2021-08-25 07:15 PM
29
2
cve
cve

CVE-2021-21867

An unsafe deserialization vulnerability exists in the ObjectManager.plugin ObjectStream.ProfileByteArray functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger....

7.8CVSS

7.7AI Score

0.001EPSS

2021-08-18 03:15 PM
30
cve
cve

CVE-2021-21868

An unsafe deserialization vulnerability exists in the ObjectManager.plugin Project.get_MissingTypes() functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger...

7.8CVSS

7.7AI Score

0.001EPSS

2021-08-18 03:15 PM
34
cve
cve

CVE-2021-21863

A unsafe deserialization vulnerability exists in the ComponentModel Profile.FromFile() functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this...

7.8CVSS

7.7AI Score

0.001EPSS

2021-08-05 08:15 PM
20
5
cve
cve

CVE-2021-21866

A unsafe deserialization vulnerability exists in the ObjectManager.plugin ProfileInformation.ProfileData functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger....

7.8CVSS

7.7AI Score

0.001EPSS

2021-08-02 09:15 PM
33
3
cve
cve

CVE-2021-21865

A unsafe deserialization vulnerability exists in the PackageManagement.plugin ExtensionMethods.Clone() functionality of CODESYS GmbH CODESYS Development System 3.5.16. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this...

7.8CVSS

7.7AI Score

0.001EPSS

2021-08-02 09:15 PM
29
2
cve
cve

CVE-2021-21864

A unsafe deserialization vulnerability exists in the ComponentModel ComponentManager.StartupCultureSettings functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to...

7.8CVSS

7.7AI Score

0.001EPSS

2021-08-02 09:15 PM
45
4
cve
cve

CVE-2019-5105

An exploitable memory corruption vulnerability exists in the Name Service Client functionality of 3S-Smart Software Solutions CODESYS GatewayService. A specially crafted packet can cause a large memcpy, resulting in an access violation and termination of the process. An attacker can send a packet.....

7.5CVSS

7.7AI Score

0.003EPSS

2020-03-26 03:15 PM
65
cve
cve

CVE-2019-16265

CODESYS V2.3 ENI server up to V3.2.2.24 has a Buffer...

9.8CVSS

9.3AI Score

0.002EPSS

2019-10-25 05:15 PM
87
cve
cve

CVE-2019-13538

3S-Smart Software Solutions GmbH CODESYS V3 Library Manager, all versions prior to 3.5.16.0, allows the system to display active library content without checking its validity, which may allow the contents of manipulated libraries to be displayed or executed. The issue also exists for source...

8.6CVSS

8.3AI Score

0.001EPSS

2019-09-17 08:15 PM
80
2
cve
cve

CVE-2019-13542

3S-Smart Software Solutions GmbH CODESYS V3 OPC UA Server, all versions 3.5.11.0 to 3.5.15.0, allows an attacker to send crafted requests from a trusted OPC UA client that cause a NULL pointer dereference, which may trigger a denial-of-service...

6.5CVSS

6.3AI Score

0.001EPSS

2019-09-17 07:15 PM
61
cve
cve

CVE-2019-13548

CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which could cause a stack overflow and create a denial-of-service condition or allow remote code...

9.8CVSS

9.8AI Score

0.003EPSS

2019-09-13 05:15 PM
239
cve
cve

CVE-2019-13532

CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which may allow access to files outside the restricted working directory of the...

7.5CVSS

7.9AI Score

0.015EPSS

2019-09-13 05:15 PM
234
cve
cve

CVE-2018-20026

Improper Communication Address Filtering exists in CODESYS V3 products versions prior...

7.5CVSS

7.5AI Score

0.002EPSS

2019-02-19 09:29 PM
31
cve
cve

CVE-2018-20025

Use of Insufficiently Random Values exists in CODESYS V3 products versions prior...

7.5CVSS

7.5AI Score

0.003EPSS

2019-02-19 09:29 PM
28
cve
cve

CVE-2018-10612

In 3S-Smart Software Solutions GmbH CODESYS Control V3 products prior to version 3.5.14.0, user access management and communication encryption is not enabled by default, which could allow an attacker access to the device and sensitive information, including user...

9.8CVSS

9.3AI Score

0.001EPSS

2019-01-29 04:29 PM
37
cve
cve

CVE-2018-5440

A Stack-based Buffer Overflow issue was discovered in 3S-Smart CODESYS Web Server. Specifically: all Microsoft Windows (also WinCE) based CODESYS web servers running stand-alone Version 2.3, or as part of the CODESYS runtime system running prior to Version V1.1.9.19. A crafted request may cause a.....

9.8CVSS

9.7AI Score

0.004EPSS

2018-02-15 10:29 AM
28
cve
cve

CVE-2017-6025

A Stack Buffer Overflow issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualization software, are affected: CODESYS Web Server Versions 2.3 and prior. A malicious user could...

9.8CVSS

9.4AI Score

0.002EPSS

2017-05-19 03:29 AM
26
cve
cve

CVE-2017-6027

An Arbitrary File Upload issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualization software, are affected: CODESYS Web Server Versions 2.3 and prior. A specially crafted web...

9.8CVSS

9.6AI Score

0.007EPSS

2017-05-19 03:29 AM
29
cve
cve

CVE-2015-6484

3S-Smart CODESYS Gateway Server before 2.3.9.48 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted (1) GET or (2) POST...

6.9AI Score

0.003EPSS

2015-10-25 02:59 AM
21
cve
cve

CVE-2015-6482

Runtime Toolkit before 2.4.7.48 in 3S-Smart CODESYS before 2.3.9.48 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted...

6.7AI Score

0.003EPSS

2015-10-18 07:59 PM
25
cve
cve

CVE-2014-0769

The Festo CECX-X-C1 Modular Master Controller with CoDeSys and CECX-X-M1 Modular Controller with CoDeSys and SoftMotion do not require authentication for connections to certain TCP ports, which allows remote attackers to (1) modify the configuration via a request to the debug service on port 4000.....

7.2AI Score

0.005EPSS

2014-04-25 05:12 AM
36
cve
cve

CVE-2014-0760

The Festo CECX-X-C1 Modular Master Controller with CoDeSys and CECX-X-M1 Modular Controller with CoDeSys and SoftMotion provide an undocumented access method involving the FTP protocol, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via...

8.1AI Score

0.008EPSS

2014-04-25 05:12 AM
31
cve
cve

CVE-2014-0757

Smart Software Solutions (3S) CoDeSys Runtime Toolkit before 2.4.7.44 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified...

6.9AI Score

0.003EPSS

2014-01-31 06:15 AM
28
cve
cve

CVE-2012-4705

Directory traversal vulnerability in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors involving a crafted...

7.5AI Score

0.673EPSS

2013-02-24 11:48 AM
111
cve
cve

CVE-2012-4707

3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors that trigger an out-of-bounds memory...

7.8AI Score

0.048EPSS

2013-02-24 11:48 AM
109
cve
cve

CVE-2012-4706

Integer signedness error in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to cause a denial of service via a crafted packet that triggers a heap-based buffer...

6.8AI Score

0.002EPSS

2013-02-24 11:48 AM
104
cve
cve

CVE-2012-4708

Stack-based buffer overflow in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via a crafted...

8AI Score

0.054EPSS

2013-02-24 11:48 AM
104
cve
cve

CVE-2012-4704

Array index error in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via a crafted...

7.7AI Score

0.069EPSS

2013-02-24 11:48 AM
115
Total number of security vulnerabilities106