Vulnerabilities (CVE)

Filtered by vendor Codesys Subscribe
Filtered by product Control V3 Runtime System Toolkit
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-12069 4 Codesys, Festo, Pilz and 1 more 114 Control For Beaglebone, Control For Empc-a\/imx6, Control For Iot2000 and 111 more 2024-10-03 N/A 7.8 HIGH
In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm. This can be used by a local attacker with low privileges to gain full control of the device.
CVE-2018-25048 1 Codesys 15 Control For Beaglebone, Control For Empc-a\/imx6, Control For Iot2000 and 12 more 2024-02-28 N/A 8.8 HIGH
The CODESYS runtime system in multiple versions allows an remote low privileged attacker to use a path traversal vulnerability to access and modify all system files as well as DoS the device.