Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
CodesysControl For Beaglebone

14 matches found

CVE
CVEadded 2019/09/13 4:58 p.m.269 views

CVE-2019-13548

CVE-2019-13548 affects the CODESYS V3 web server (CmpWebServer) included in CODESYS Control runtimes prior to version 3.5.14.10. The vulnerability is a stack-based buffer overflow triggered by specially crafted HTTP/HTTPS requests, enabling a remote attacker to cause a denial of service and, in s...

9.8CVSS9.8AI score0.02396EPSS
CVE
CVEadded 2019/09/13 4:58 p.m.260 views

CVE-2019-13532

The CVE applies to the CODESYS V3 web server (CmpWebServer) used in multiple CODESYS runtime products. Affected: all versions prior to 3.5.14.10 of the CODESYS V3 web server. Root cause: path traversal via specially crafted HTTP/HTTPS requests that may allow access to files outside the restricted...

7.5CVSS7.9AI score0.01559EPSS
CVE
CVEadded 2020/03/26 3:45 a.m.120 views

CVE-2020-10245

CVE-2020-10245 concerns the CODESYS V3 web server (used in CODESYS Control runtime systems) with a heap-based buffer overflow in the web server handling path. Public sources in the connected documents confirm the issue affects CODESYS V3 web server before 3.5.15.40, enabling a remote attacker to ...

10CVSS9.5AI score0.0141EPSS
CVE
CVEadded 2019/09/17 6:56 p.m.92 views

CVE-2019-13542

CVE-2019-13542 affects 3S-Smart Software Solutions GmbH CODESYS V3 OPC UA Server (versions 3.5.11.0 to 3.5.15.0). The vulnerability is a NULL pointer dereference triggered by crafted requests from a trusted OPC UA client, potentially causing a denial-of-service condition. Public sources (CISA ICS...

6.5CVSS6.3AI score0.00156EPSS
CVE
CVEadded 2022/07/11 10:40 a.m.82 views

CVE-2022-30791

CODESYS V3 contains a vulnerability in the CmpBlkDrvTcp component where uncontrolled resource consumption can cause the system to block new TCP connections. Existing connections remain unaffected. This CVE-2022-30791 entry is corroborated by multiple sources (e.g., NVD), but the connected documen...

7.5CVSS7.5AI score0.00389EPSS
CVE
CVEadded 2019/11/20 5:4 p.m.77 views

CVE-2019-18858

CODESYS V3 web server (distributed with CODESYS Control runtime systems) is affected by a heap/buffer overflow before version 3.5.15.20. The issue arises from improper validation in the web server URL handling, allowing remote, unauthenticated attackers to crash or potentially overwrite memory. M...

9.8CVSS9.4AI score0.00409EPSS
CVE
CVEadded 2022/12/26 12:0 a.m.65 views

CVE-2020-12069

CVE-2020-12069 affects CODESYS V3 products containing CmpUserMgr prior to version 3.5.16.0. The CODESYS Control runtime stores online communication passwords using a weak hashing algorithm, enabling a local attacker with low privileges to gain full control of the device. Publicly documented produ...

7.8CVSS7.8AI score0.0006EPSS
CVE
CVEadded 2020/07/22 6:14 p.m.63 views

CVE-2020-15806

CVE-2020-15806 affects the CODESYS Control runtime system before 3.5.16.10. The issue is Uncontrolled Memory Allocation, which can cause the runtime to crash and, per linked sources, may lead to a denial of service. Technical details in the connected documents confirm the vulnerable component and...

7.5CVSS7.5AI score0.00464EPSS
CVE
CVEadded 2020/01/24 7:31 p.m.57 views

CVE-2020-7052

CVE-2020-7052 affects CODESYS Control V3, Gateway V3 and HMI V3 before 3.5.15.30. The issue is uncontrolled memory allocation that can lead to a remote denial of service. The connected sources reiterate the same affected products and condition; no explicit patch/version details are provided in th...

6.5CVSS6.4AI score0.00563EPSS
CVE
CVEadded 2019/09/17 1:15 p.m.56 views

CVE-2019-9008

CVE-2019-9008 concerns 3S-Smart CODESYS V3 online user management with the CmpUserMgr component. Affected products (prior to version 3.5.13.0) may suffer Incorrect Permission Assignment for Critical Resource , allowing an authenticated remote attacker to access or manipulate restricted functional...

8.8CVSS8.6AI score0.00528EPSS
CVE
CVEadded 2019/09/17 3:34 p.m.54 views

CVE-2019-9009

CVE-2019-9009 affects 3S-Smart CODESYS V3 runtime systems prior to 3.5.15.0. A crafted network packet can cause the Control Runtime to crash, enabling a remote denial of service. The issue is associated with CODESYS V3 products containing a communication server, and patches are available in versi...

7.5CVSS7.4AI score0.00308EPSS
CVE
CVEadded 2023/03/23 10:45 a.m.52 views

CVE-2018-25048

The CVE-2018-25048 entry refers to a path-traversal vulnerability in the CODESYS runtime system across multiple versions. The vulnerability allows a remote, low-privilege attacker to access and modify all system files and perform a DoS on the device. Public exploitation details are not provided i...

8.8CVSS8.6AI score0.00997EPSS
CVE
CVEadded 2020/05/14 8:29 p.m.51 views

CVE-2020-12068

CVE-2020-12068 affects CODESYS Development System prior to 3.5.16.0, with WebVisu and Remote TargetVisu susceptible to privilege escalation. The issue can be exploited remotely over the network with low attack complexity and no authentication required, enabling an attacker to escalate privileges ...

6.5CVSS6.5AI score0.00175EPSS
CVE
CVEadded 2022/07/11 10:40 a.m.51 views

CVE-2022-30792

CVE-2022-30792 concerns CODESYS V3’s CmpChannelServer, where an uncontrolled resource consumption flaw allows an unauthorized attacker to block new communication channel connections. The impact is limited to availability (existing connections remain functional), with CVSS indicating high impact (...

7.5CVSS7.5AI score0.00389EPSS