59 matches found
EUVD-2021-20189
Malware in sbrugna...
EUVD-2014-0788
Malware in sbrugna...
EUVD-2012-5943
Malware in sbrugna...
EUVD-2015-6423
Malware in sbrugna...
EUVD-2025-23492
Malicious code in bioql PyPI...
Wago CODESYS V2 Runtime Toolkit Access of Uninitialized Pointer (CVE-2021-34596)
A crafted request may cause a read access to an uninitialized pointer in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot fo...
Wago CODESYS V2 Runtime Toolkit Improper Handling of Exceptional Conditions (CVE-2021-34593)
In CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56 unauthenticated crafted invalid requests may result in several denial-of-service conditions. Running PLC programs may be stopped, memory may be leaked, or further communication clients may be blocked from accessing...
CVE-2025-41658
CODESYS Runtime Toolkit-based products may expose sensitive files to local low-privileged operating system users due to default file permissions...
CVE-2025-41658
CODESYS Runtime Toolkit-based products may expose sensitive files to local low-privileged operating system users due to default file permissions...
CVE-2025-41658
The CVE-2025-41658 entry concerns CODESYS Runtime Toolkit-based products where default file permissions may allow local low-privileged OS users to access sensitive files. The publicly provided material confirms the affected component is the CODESYS Runtime Toolkit and cites potential exposure of ...
CODESYS Runtime Toolkit 安全漏洞
CODESYS Runtime Toolkit is a comprehensive software development kit for programmable controllers from CODESYS, Germany. It is used to transform embedded platforms or industrial PCs into controllers and supports secondary development. A security vulnerability exists in CODESYS Runtime Toolkit, whi...
CODESYS Runtime Toolkit 安全漏洞
CODESYS Runtime Toolkit is a comprehensive software development kit for programmable controllers from CODESYS, Germany. It is used to convert embedded platforms or industrial PCs into controllers and supports secondary development. A security vulnerability exists in CODESYS Runtime Toolkit versio...
Multiple Codesys Products Input Validation Error Vulnerability
3s-smart Software Solutions CODESYS is a controller development system from 3s-smart Software Solutions, Germany. An input validation error vulnerability exists in multiple Codesys products. The vulnerability stems from the fact that after successful authentication of a user's identity, a specifi...
Multiple Codesys Products Input Validation Error Vulnerability
3s-smart Software Solutions CODESYS is a controller development system from 3s-smart Software Solutions, Germany. An input validation error vulnerability exists in multiple Codesys products. The vulnerability stems from the fact that after successful authentication of a user's identity, a specifi...
Multiple Codesys Products Buffer Error Vulnerability
3s-smart Software Solutions CODESYS is a controller development system from 3s-smart Software Solutions, Germany. A buffer error vulnerability exists in several Codesys products, which stems from a specially crafted remote communication request that could cause the CmpAppBP component to overwrite...
CVE-2022-31806
In CODESYS V2 PLCWinNT and Runtime Toolkit 32 in versions prior to V2.4.7.57 password protection is not enabled by default and there is no information or prompt to enable password protection at login in case no password is set at the controller...
CVE-2022-31806
In CODESYS V2 PLCWinNT and Runtime Toolkit 32 in versions prior to V2.4.7.57 password protection is not enabled by default and there is no information or prompt to enable password protection at login in case no password is set at the controller...
Design/Logic Flaw
In CODESYS V2 PLCWinNT and Runtime Toolkit 32 in versions prior to V2.4.7.57 password protection is not enabled by default and there is no information or prompt to enable password protection at login in case no password is set at the controller...
CVE-2022-31806
CVE-2022-31806 affects CODESYS V2 PLCWinNT and Runtime Toolkit 32-bit, prior to version V2.4.7.57, due to insecure/default password protection not enabled and no prompt to enable at login when no password exists. Public sources (CISA ICS advisory ICSA-25-329-05) describe potential consequences as...
PT-2022-20946 · 3S Smart Software Solutions · Codesys V2 Plcwinnt +1
Name of the Vulnerable Software and Affected Versions: CODESYS V2 PLCWinNT and Runtime Toolkit 32 versions prior to V2.4.7.57 Description: The issue concerns password protection not being enabled by default. In cases where no password is set at the controller, there is no information or prompt to...