CVE-2021-34593

In CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56 unauthenticated crafted invalid requests may result in several denial-of-service conditions. Running PLC programs may be stopped, memory may be leaked, or further communication clients may be blocked from accessing the PLC.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:codesys:plcwinnt:*:*:*:*:*:*:*:*
cpe:2.3:a:codesys:runtime_toolkit:*:*:*:*:*:*:x86:*

History

21 Nov 2024, 06:10

Type Values Removed Values Added
References () http://packetstormsecurity.com/files/164716/CODESYS-2.4.7.0-Denial-Of-Service.html - Exploit, Third Party Advisory, VDB Entry () http://packetstormsecurity.com/files/164716/CODESYS-2.4.7.0-Denial-Of-Service.html - Exploit, Third Party Advisory, VDB Entry
References () http://packetstormsecurity.com/files/165874/WAGO-750-8xxx-PLC-Denial-Of-Service-User-Enumeration.html - Exploit, Third Party Advisory, VDB Entry () http://packetstormsecurity.com/files/165874/WAGO-750-8xxx-PLC-Denial-Of-Service-User-Enumeration.html - Exploit, Third Party Advisory, VDB Entry
References () http://seclists.org/fulldisclosure/2021/Oct/64 - Mailing List, Third Party Advisory () http://seclists.org/fulldisclosure/2021/Oct/64 - Mailing List, Third Party Advisory
References () https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=16877&token=8faab0fc1e069f4edfca5d5aba8146139f67a175&download= - Vendor Advisory () https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=16877&token=8faab0fc1e069f4edfca5d5aba8146139f67a175&download= - Vendor Advisory

Information

Published : 2021-10-26 10:15

Updated : 2024-11-21 06:10


NVD link : CVE-2021-34593

Mitre link : CVE-2021-34593

CVE.ORG link : CVE-2021-34593


JSON object : View

Products Affected

codesys

  • plcwinnt
  • runtime_toolkit
CWE
CWE-755

Improper Handling of Exceptional Conditions