2 matches found
CVE-2020-12069
CVE-2020-12069 affects CODESYS V3 products containing CmpUserMgr prior to version 3.5.16.0. The CODESYS Control runtime stores online communication passwords using a weak hashing algorithm, enabling a local attacker with low privileges to gain full control of the device. Publicly documented produ...
CVE-2018-25048
The CVE-2018-25048 entry refers to a path-traversal vulnerability in the CODESYS runtime system across multiple versions. The vulnerability allows a remote, low-privilege attacker to access and modify all system files and perform a DoS on the device. Public exploitation details are not provided i...