4 matches found
The vulnerabilities of the ObjectManager plugin and ProfileInformation.ProfileData components of the PLACODESYS Development System application programming interface allow attackers to execute arbitrary commands.
The vulnerability of the ObjectManager plugin and ProfileInformation.FileData components of the PLCODESYS Development System application programming interface is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability can allow an attacker to execute arbitrary...
CVE-2021-21869
An unsafe deserialization vulnerability exists in the Engine.plugin ProfileInformation ProfileData functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this...
PT-2021-7843 · 3S Smart Software Solutions · Codesys Development System
Name of the Vulnerable Software and Affected Versions: CODESYS Development System versions 3.5.16 through 3.5.17 Description: The issue is related to an unsafe deserialization vulnerability in the Engine.plugin ProfileInformation ProfileData functionality. This vulnerability can be exploited by...
CODESYS Development System Engine.plugin ProfileInformation ProfileData Unsafe Deserialization vulnerability
Summary An unsafe deserialization vulnerability exists in the Engine.plugin ProfileInformation ProfileData functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to...