6 matches found
CVE-2022-32136
CVE-2022-32136 affects multiple CODESYS products. A low-privilege remote attacker can craft a request to read an uninitialized pointer, causing a denial-of-service without user interaction. The root cause is dereferencing/uninitialized pointers. Impact is DoS; confidentiality/integrity unaffected...
CVE-2022-32139
CVE-2022-32139 affects multiple CODESYS products. An attacker with low privileges can remotely craft a request that triggers an out-of-bounds read, causing a denial-of-service condition without user interaction. The NVD and CVE records describe the impact but do not provide concrete details on af...
CVE-2022-32141
CVE-2022-32141 involves multiple CODESYS products with a buffer over-read caused by insufficient internal buffer read limits when processing a request with an invalid offset. This enables a low-privilege, remote attacker to trigger a denial-of-service condition without user interaction. The avail...
CVE-2022-32140
CVE-2022-32140 affects multiple CODESYS products and describes a buffer overflow caused by an unchecked size during a buffer copy, allowing a low-privileged, remote attacker to trigger a denial-of-service condition without user interaction. The description indicates an attacker can craft a reques...
CVE-2021-34596
CVE-2021-34596 affects CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT before version 2.4.7.56. A crafted request may trigger a read access to an uninitialized pointer, causing a denial-of-service condition. No exploitation details are provided in the documents. Remediation: update to V2.4.7....
CVE-2019-19789
CVE-2019-19789 affects 3S-Smart CODESYS SP Realtime NT before v2.3.7.28, CODESYS Runtime Toolkit 32‑bit full before v2.4.7.54, and CODESYS PLCWinNT before v2.4.7.54. Root cause: NULL pointer dereference. Impact stated in sources includes network access with potential HIGH availability impact (CVS...