Total
8 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-12069 | 4 Codesys, Festo, Pilz and 1 more | 114 Control For Beaglebone, Control For Empc-a\/imx6, Control For Iot2000 and 111 more | 2024-10-03 | N/A | 7.8 HIGH |
In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm. This can be used by a local attacker with low privileges to gain full control of the device. | |||||
CVE-2022-30792 | 1 Codesys | 19 Control For Beaglebone, Control For Empc-a\/imx6, Control For Iot2000 Sl and 16 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new communication channel connections. Existing connections are not affected. | |||||
CVE-2022-30791 | 1 Codesys | 19 Control For Beaglebone, Control For Empc-a\/imx6, Control For Iot2000 Sl and 16 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new TCP connections. Existing connections are not affected. | |||||
CVE-2020-15806 | 1 Codesys | 16 Control For Beaglebone, Control For Empc-a\/imx6, Control For Iot2000 and 13 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Memory Allocation. | |||||
CVE-2020-12068 | 1 Codesys | 12 Control For Beaglebone, Control For Empc-a\/imx6, Control For Iot2000 and 9 more | 2024-02-28 | 6.4 MEDIUM | 6.5 MEDIUM |
An issue was discovered in CODESYS Development System before 3.5.16.0. CODESYS WebVisu and CODESYS Remote TargetVisu are susceptible to privilege escalation. | |||||
CVE-2020-10245 | 1 Codesys | 14 Control For Beaglebone, Control For Empc-a\/imx6, Control For Iot2000 and 11 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
CODESYS V3 web server before 3.5.15.40, as used in CODESYS Control runtime systems, has a buffer overflow. | |||||
CVE-2020-7052 | 1 Codesys | 15 Control For Beaglebone, Control For Empc-a\/imx6, Control For Iot2000 and 12 more | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
CODESYS Control V3, Gateway V3, and HMI V3 before 3.5.15.30 allow uncontrolled memory allocation which can result in a remote denial of service condition. | |||||
CVE-2019-18858 | 1 Codesys | 14 Control For Beaglebone, Control For Empc-a\/imx6, Control For Iot2000 and 11 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runtime systems, has a Buffer Overflow. |