Lucene search
+L
CodesysRuntime Toolkit

6 matches found

cve
cve
added 2021/10/26 9:55 a.m.86 views

CVE-2021-34593

CVE-2021-34593 affects CODESYS V2 Runtime Toolkit 32‑Bit full and PLCWinNT prior to V2.4.7.56. Unauthenticated crafted invalid requests may trigger several denial‑of‑service conditions, potentially stopping running PLC programs, leaking memory, or blocking additional clients from accessing the PL...

7.5CVSS7.5AI score0.02649EPSS
Web
cve
cve
added 2022/06/24 7:46 a.m.84 views

CVE-2022-31805

The CVE-2022-31805 issue affects the CODESYS Development System (multiple components across several versions) where passwords used to authenticate between clients and servers are transmitted in plaintext. Public details in the NVD entry show network-based exploitation with partial confidentiality...

7.5CVSS7.8AI score0.00974EPSS
cve
cve
added 2021/05/25 12:33 p.m.63 views

CVE-2021-30195

CVE-2021-30195 affects the CODESYS V2 runtime system prior to 2.4.7.55. The vulnerability is caused by Improper Input Validation, leading to an out-of-bounds read that can cause a denial-of-service. Affected components are the CODESYS Runtime Toolkit 32‑bit full and PLCWinNT prior to 2.4.7.55. Mi...

7.5CVSS8AI score0.0718EPSS
cve
cve
added 2021/05/25 12:33 p.m.52 views

CVE-2021-30186

CVE-2021-30186 affects CODESYS V2 runtime system SP prior to 2.4.7.55, where a heap-based buffer overflow is triggered by a crafted request. Public sources describe this as a vulnerability in the CODESYS Runtime Toolkit/PLCWinNT stack, enabling denial-of-service and, per ICS background, potential...

7.5CVSS8AI score0.07356EPSS
cve
cve
added 2021/08/03 3:58 p.m.52 views

CVE-2021-33486

CVE-2021-33486 affects the CODESYS V3 Runtime Toolkit for VxWorks. According to multiple sources, all versions from V3.5.8.0 and earlier up to V3.5.17.10 are affected by Improper Handling of Exceptional Conditions. Public documents do not provide exploitation details or explicit remediation steps...

7.5CVSS7.6AI score0.00961EPSS
cve
cve
added 2025/12/01 10:2 a.m.15 views

CVE-2025-41738

The CVE-2025-41738 entry describes an unauthenticated remote attacker who can cause the CODESYS Control runtime’s visualization server to access a resource using a pointer of the wrong type, potentially causing a denial-of-service (DoS). Across connected sources (Red Hat, CIRCL, NVD, CVE List, EU...

7.5CVSS6.7AI score0.0034EPSS