CVE-2019-9010

The CVE-2019-9010 issue affects 3S-Smart CODESYS V3 products containing the CmpGateway component, across versions prior to 3.5.14.20 (e.g., BeagleBone, emPC-A/iMX6, IOT2000, Linux, PFC100/200, Raspberry Pi, V3 Runtime Toolkit, Gateway V3, and V3 Development System). Root cause: the CODESYS Gatewa...

CVE-2019-9012

The CVE-2019-9012 entry describes an issue in 3S-Smart CODESYS V3 products where a crafted communication request may cause uncontrolled memory allocations, enabling a denial-of-service condition. Affected are all variants containing the CmpGateway component in versions prior to 3.5.14.20 (includi...

CVE-2018-10612

CVE-2018-10612 affects 3S-Smart Software Solutions GmbH CODESYS Control V3 products containing CmpSecureChannel or CmpUserMgr prior to version 3.5.14.0. Root cause: user access management and online communication encryption are not enabled by default, creating Improper Access Control and allowing...

CVE-2018-20026

CVE-2018-20026 affects 3S-Smart Software Solutions CODESYS V3 products prior to V3.5.14.0. The issue is improper restriction of the communication channel to intended endpoints (CWE-923), enabling an authenticated remote attacker to influence communications, potentially reading/modifying configura...

CVE-2018-20025

CVE-2018-20025 concerns a weakness in CODESYS V3 products prior to version 3.5.14.0 where insufficiently random values are used, impacting confidentiality and integrity. Public disclosures and multiple advisories (NVD entry and ICS/CISA notes) describe risks in the CODESYS Control runtime, web se...