Find a vulnerability
Search criteria
368 vulnerabilities by codesys
CVE-2026-8047 (GCVE-0-2026-8047)
Vulnerability from nvd – Published: 2026-05-26 06:49 – Updated: 2026-05-26 10:48- CWE-1284 - Improper Validation of Specified Quantity in Input
| Vendor | Product | Version | |
|---|---|---|---|
| CODESYS | CODESYS Control RTE (SL) |
Affected:
3.5.21.0 , < 3.5.22.20
(semver)
|
|
| CODESYS | CODESYS Control RTE (for Beckhoff CX) SL |
Affected:
3.5.21.0 , < 3.5.22.20
(semver)
|
|
| CODESYS | CODESYS Control Win (SL) |
Affected:
3.5.21.0 , < 3.5.22.20
(semver)
|
|
| CODESYS | CODESYS HMI (SL) |
Affected:
3.5.21.0 , < 3.5.22.20
(semver)
|
|
| CODESYS | CODESYS Runtime Toolkit |
Affected:
3.5.21.0 , < 3.5.22.20
(semver)
|
|
| CODESYS | CODESYS Control for BeagleBone SL |
Affected:
4.15.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for emPC-A/iMX6 SL |
Affected:
4.15.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for IOT2000 SL |
Affected:
4.15.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Linux ARM SL |
Affected:
4.15.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Linux SL |
Affected:
4.15.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PFC100 SL |
Affected:
4.15.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PFC200 SL |
Affected:
4.15.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PLCnext SL |
Affected:
4.15.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Raspberry Pi SL |
Affected:
4.15.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for WAGO Touch Panels 600 SL |
Affected:
0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Virtual Control SL |
Affected:
4.15.0.0 , < 4.21.0.0
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-8047",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T10:45:06.909963Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T10:48:24.087Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CODESYS Control RTE (SL)",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.20",
"status": "affected",
"version": "3.5.21.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control RTE (for Beckhoff CX) SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.20",
"status": "affected",
"version": "3.5.21.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control Win (SL)",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.20",
"status": "affected",
"version": "3.5.21.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS HMI (SL)",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.20",
"status": "affected",
"version": "3.5.21.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Runtime Toolkit",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.20",
"status": "affected",
"version": "3.5.21.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for BeagleBone SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for emPC-A/iMX6 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for IOT2000 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Linux ARM SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Linux SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PFC100 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PFC200 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PLCnext SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Raspberry Pi SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for WAGO Touch Panels 600 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Virtual Control SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_rte_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.22.20",
"versionStartIncluding": "3.5.21.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_rte_for_beckhoff_cx_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.22.20",
"versionStartIncluding": "3.5.21.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_win_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.22.20",
"versionStartIncluding": "3.5.21.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_hmi_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.22.20",
"versionStartIncluding": "3.5.21.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_runtime_toolkit:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.22.20",
"versionStartIncluding": "3.5.21.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "4.15.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_empc_a_imx6_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "4.15.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_iot2000_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "4.15.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_linux_arm_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "4.15.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_linux_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "4.15.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_pfc100_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "4.15.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_pfc200_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "4.15.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_plcnext_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "4.15.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "4.15.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_virtual_control_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "4.15.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The affected products perform improper length checking when parsing incoming HTTP requests, resulting in a size-limited out-of-bounds write. An unauthenticated remote attacker can exploit this flaw to cause a denial of service via a system crash on the affected device."
}
],
"value": "The affected products perform improper length checking when parsing incoming HTTP requests, resulting in a size-limited out-of-bounds write. An unauthenticated remote attacker can exploit this flaw to cause a denial of service via a system crash on the affected device."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284 Improper Validation of Specified Quantity in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T06:49:54.813Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://www.certvde.com/en/advisories/VDE-2026-057/"
}
],
"source": {
"advisory": "VDE-2026-057",
"defect": [
"CERT@VDE#642073"
],
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Write in CODESYS Control",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2026-8047",
"datePublished": "2026-05-26T06:49:54.813Z",
"dateReserved": "2026-05-06T17:12:05.142Z",
"dateUpdated": "2026-05-26T10:48:24.087Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-8046 (GCVE-0-2026-8046)
Vulnerability from nvd – Published: 2026-05-26 06:45 – Updated: 2026-05-26 10:48- CWE-863 - Incorrect Authorization
| Vendor | Product | Version | |
|---|---|---|---|
| CODESYS | CODESYS Control RTE (SL) |
Affected:
3.0.0.0 , < 3.5.22.20
(semver)
|
|
| CODESYS | CODESYS Control RTE (for Beckhoff CX) SL |
Affected:
3.0.0.0 , < 3.5.22.20
(semver)
|
|
| CODESYS | CODESYS Control Win (SL) |
Affected:
3.0.0.0 , < 3.5.22.20
(semver)
|
|
| CODESYS | CODESYS HMI (SL) |
Affected:
3.0.0.0 , < 3.5.22.20
(semver)
|
|
| CODESYS | CODESYS Runtime Toolkit |
Affected:
3.0.0.0 , < 3.5.22.20
(semver)
|
|
| CODESYS | CODESYS Control for BeagleBone SL |
Affected:
3.0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for emPC-A/iMX6 SL |
Affected:
3.0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for IOT2000 SL |
Affected:
3.0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Linux ARM SL |
Affected:
3.0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Linux SL |
Affected:
3.0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PFC100 SL |
Affected:
3.0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PFC200 SL |
Affected:
3.0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PLCnext SL |
Affected:
3.0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Raspberry Pi SL |
Affected:
3.0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for WAGO Touch Panels 600 SL |
Affected:
3.0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Virtual Control SL |
Affected:
3.0.0.0 , < 4.21.0.0
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-8046",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T10:44:58.318097Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T10:48:37.908Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CODESYS Control RTE (SL)",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.20",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control RTE (for Beckhoff CX) SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.20",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control Win (SL)",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.20",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS HMI (SL)",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.20",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Runtime Toolkit",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.20",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for BeagleBone SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for emPC-A/iMX6 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for IOT2000 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Linux ARM SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Linux SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PFC100 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PFC200 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PLCnext SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Raspberry Pi SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for WAGO Touch Panels 600 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Virtual Control SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_rte_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.22.20",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_rte_for_beckhoff_cx_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.22.20",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_win_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.22.20",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_hmi_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.22.20",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_runtime_toolkit:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.22.20",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_empc_a_imx6_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_iot2000_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_linux_arm_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_linux_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_pfc100_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_pfc200_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_plcnext_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_virtual_control_sl_:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "ABB AG"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The affected products insufficiently verify authorization when deleting user accounts. An authenticated, low-privileged remote user can exploit this vulnerability to delete other users, including those with higher privileges."
}
],
"value": "The affected products insufficiently verify authorization when deleting user accounts. An authenticated, low-privileged remote user can exploit this vulnerability to delete other users, including those with higher privileges."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T06:46:47.189Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://www.certvde.com/en/advisories/VDE-2026-056/"
}
],
"source": {
"advisory": "VDE-2026-056",
"defect": [
"CERT@VDE#642072"
],
"discovery": "UNKNOWN"
},
"title": "Incorrect Authorization in CODESYS Control",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2026-8046",
"datePublished": "2026-05-26T06:45:21.724Z",
"dateReserved": "2026-05-06T17:10:12.759Z",
"dateUpdated": "2026-05-26T10:48:37.908Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-44469 (GCVE-0-2026-44469)
Vulnerability from nvd – Published: 2026-05-26 06:39 – Updated: 2026-05-26 10:48- CWE-276 - Incorrect Default Permissions
| Vendor | Product | Version | |
|---|---|---|---|
| CODESYS | CODESYS Development System |
Affected:
3.0.0.0 , < 3.5.22.20
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-44469",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T10:44:51.917941Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T10:48:51.345Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CODESYS Development System",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.20",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_development_system:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.22.20",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "David Ruscheweyh from SEW-EURODRIVE GmbH \u0026 Co KG"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The affected product extracts installation files to a temporary directory with incorrect default permissions during administrative installation. A low-privileged local attacker can exploit a TOCTOU race condition with a practical time window to replace verified files with malicious ones before installation, resulting in local privilege escalation."
}
],
"value": "The affected product extracts installation files to a temporary directory with incorrect default permissions during administrative installation. A low-privileged local attacker can exploit a TOCTOU race condition with a practical time window to replace verified files with malicious ones before installation, resulting in local privilege escalation."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T06:39:04.477Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://www.certvde.com/en/advisories/VDE-2026-055/"
}
],
"source": {
"advisory": "VDE-2026-055",
"defect": [
"CERT@VDE#642071"
],
"discovery": "UNKNOWN"
},
"title": "Incorrect Default Permissions in CODESYS Development System",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2026-44469",
"datePublished": "2026-05-26T06:39:04.477Z",
"dateReserved": "2026-05-06T17:08:03.356Z",
"dateUpdated": "2026-05-26T10:48:51.345Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-44468 (GCVE-0-2026-44468)
Vulnerability from nvd – Published: 2026-05-26 06:37 – Updated: 2026-05-26 10:49- CWE-276 - Incorrect Default Permissions
| Vendor | Product | Version | |
|---|---|---|---|
| CODESYS | CODESYS Development System |
Affected:
3.0.0.0 , < 3.5.22.20
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-44468",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T10:44:43.453556Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T10:49:05.531Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CODESYS Development System",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.20",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_development_system:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.22.20",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "David Ruscheweyh from SEW-EURODRIVE GmbH \u0026 Co KG"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The affected product creates a directory with insecure default permissions during administrative installation. This allows a low-privileged local attacker to modify a temporary file defining the components to be installed, enabling local privilege escalation by forcing the deployment of arbitrary components."
}
],
"value": "The affected product creates a directory with insecure default permissions during administrative installation. This allows a low-privileged local attacker to modify a temporary file defining the components to be installed, enabling local privilege escalation by forcing the deployment of arbitrary components."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T06:37:53.259Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://www.certvde.com/en/advisories/VDE-2026-055/"
}
],
"source": {
"advisory": "VDE-2026-055",
"defect": [
"CERT@VDE#642071"
],
"discovery": "UNKNOWN"
},
"title": "Incorrect Default Permissions in CODESYS Development System",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2026-44468",
"datePublished": "2026-05-26T06:37:53.259Z",
"dateReserved": "2026-05-06T17:08:03.356Z",
"dateUpdated": "2026-05-26T10:49:05.531Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0393 (GCVE-0-2026-0393)
Vulnerability from nvd – Published: 2026-05-21 10:44 – Updated: 2026-05-21 13:22- CWE-522 - Insufficiently Protected Credentials
| URL | Tags |
|---|---|
| https://codesys.csaf-tp.certvde.com/.well-known/c… | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| CODESYS | Visualization |
Affected:
1.0.0.0 , < 4.10.0.0
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0393",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-21T13:21:50.408211Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-21T13:22:36.813Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Visualization",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.10.0.0",
"status": "affected",
"version": "1.0.0.0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:visualization:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.0.0",
"versionStartIncluding": "1.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Silvan Schweizer from CTA AG"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The affected product may expose credentials remotely between low privileged visualization users during concurrent login operations due to insufficient isolation of authentication data. The vulnerability affects only login operations within an active visualization session."
}
],
"value": "The affected product may expose credentials remotely between low privileged visualization users during concurrent login operations due to insufficient isolation of authentication data. The vulnerability affects only login operations within an active visualization session."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522 Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-21T10:44:42.517Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://codesys.csaf-tp.certvde.com/.well-known/csaf/white/2026/advisory2026-07_vde-2026-052.json"
}
],
"source": {
"advisory": "VDE-2026-052",
"defect": [
"CERT@VDE#641921"
],
"discovery": "UNKNOWN"
},
"title": "CODESYS Visualization - Insufficiently Protected Credentials",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2026-0393",
"datePublished": "2026-05-21T10:44:42.517Z",
"dateReserved": "2025-11-27T14:02:51.635Z",
"dateUpdated": "2026-05-21T13:22:36.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-35227 (GCVE-0-2026-35227)
Vulnerability from nvd – Published: 2026-05-12 07:14 – Updated: 2026-05-13 14:38- CWE-772 - Missing Release of Resource after Effective Lifetime
| Vendor | Product | Version | |
|---|---|---|---|
| CODESYS | CODESYS Modbus |
Affected:
1.0.0.0 , < 4.6.0.0
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-35227",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T14:29:08.743627Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T14:38:41.132Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CODESYS Modbus",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.6.0.0",
"status": "affected",
"version": "1.0.0.0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_modbus:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.0.0",
"versionStartIncluding": "1.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "ABB Schweiz AG"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated remote attacker may exhaust all available TCP connections in the CODESYS Modbus TCP Server stack if a race condition in connection handling is successfully exploited, preventing legitimate clients from establishing new connections.\u003cbr\u003e"
}
],
"value": "An unauthenticated remote attacker may exhaust all available TCP connections in the CODESYS Modbus TCP Server stack if a race condition in connection handling is successfully exploited, preventing legitimate clients from establishing new connections."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-772",
"description": "CWE-772 Missing Release of Resource after Effective Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T07:14:41.517Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/de/advisories/VDE-2026-042"
}
],
"source": {
"advisory": "VDE-2026-042",
"defect": [
"CERT@VDE#642013"
],
"discovery": "UNKNOWN"
},
"title": "Improper resource management in CODESYS Modbus TCP Server",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2026-35227",
"datePublished": "2026-05-12T07:14:41.517Z",
"dateReserved": "2026-04-01T19:54:21.499Z",
"dateUpdated": "2026-05-13T14:38:41.132Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-35225 (GCVE-0-2026-35225)
Vulnerability from nvd – Published: 2026-04-23 13:54 – Updated: 2026-04-23 15:35- CWE-754 - Improper Check for Unusual or Exceptional Conditions
| URL | Tags |
|---|---|
| https://codesys.csaf-tp.certvde.com/.well-known/c… | vendor-advisory |
| https://www.certvde.com/en/advisories/VDE-2026-040/ | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| CODESYS | CODESYS EtherNetIP |
Affected:
1.0.0.0 , < 4.9.0.0
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-35225",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-23T15:35:35.243946Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-23T15:35:43.352Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CODESYS EtherNetIP",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.9.0.0",
"status": "affected",
"version": "1.0.0.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_ethernetip:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.0.0",
"versionStartIncluding": "1.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "ABB"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated remote attacker is able to exhaust all available TCP connections in the CODESYS EtherNet/IP adapter stack, preventing legitimate clients from establishing new connections."
}
],
"value": "An unauthenticated remote attacker is able to exhaust all available TCP connections in the CODESYS EtherNet/IP adapter stack, preventing legitimate clients from establishing new connections."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-23T13:54:51.863Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://codesys.csaf-tp.certvde.com/.well-known/csaf/white/2026/advisory2026-04_vde-2026-040.json"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.certvde.com/en/advisories/VDE-2026-040/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper timeout handling in CODESYS EtherNetIP",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2026-35225",
"datePublished": "2026-04-23T13:54:51.863Z",
"dateReserved": "2026-04-01T19:54:21.499Z",
"dateUpdated": "2026-04-23T15:35:43.352Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-3509 (GCVE-0-2026-3509)
Vulnerability from nvd – Published: 2026-03-24 07:42 – Updated: 2026-03-26 12:35- CWE-134 - Use of Externally-Controlled Format String
| Vendor | Product | Version | |
|---|---|---|---|
| CODESYS | CODESYS Control RTE (SL) |
Affected:
3.5.17.0 , < 3.5.22.0
(semver)
|
|
| CODESYS | CODESYS Control RTE (for Beckhoff CX) SL |
Affected:
3.5.17.0 , < 3.5.22.0
(semver)
|
|
| CODESYS | CODESYS Control Win (SL) |
Affected:
3.5.17.0 , < 3.5.22.0
(semver)
|
|
| CODESYS | CODESYS Runtime Toolkit |
Affected:
3.5.17.0 , < 3.5.22.0
(semver)
|
|
| CODESYS | CODESYS Control for BeagleBone SL |
Affected:
4.1.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for emPC-A/iMX6 SL |
Affected:
4.1.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for IOT2000 SL |
Affected:
4.1.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Linux ARM SL |
Affected:
4.1.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Linux SL |
Affected:
4.1.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PFC100 SL |
Affected:
4.1.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PFC200 SL |
Affected:
4.1.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PLCnext SL |
Affected:
4.1.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Raspberry Pi SL |
Affected:
4.1.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for WAGO Touch Panels 600 SL |
Affected:
4.1.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Virtual Control SL |
Affected:
4.1.0.0 , < 4.21.0.0
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-3509",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-26T12:35:33.893071Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-26T12:35:48.666Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CODESYS Control RTE (SL)",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.0",
"status": "affected",
"version": "3.5.17.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control RTE (for Beckhoff CX) SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.0",
"status": "affected",
"version": "3.5.17.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control Win (SL)",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.0",
"status": "affected",
"version": "3.5.17.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Runtime Toolkit",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.0",
"status": "affected",
"version": "3.5.17.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for BeagleBone SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.1.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for emPC-A/iMX6 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.1.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for IOT2000 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.1.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Linux ARM SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.1.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Linux SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.1.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PFC100 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.1.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PFC200 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.1.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PLCnext SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.1.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Raspberry Pi SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.1.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for WAGO Touch Panels 600 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.1.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Virtual Control SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.1.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated remote attacker may be able to control the format string of messages processed by the Audit Log of the CODESYS Control runtime system, potentially resulting in a denial\u2011of\u2011service (DoS) condition.\u003cbr\u003e"
}
],
"value": "An unauthenticated remote attacker may be able to control the format string of messages processed by the Audit Log of the CODESYS Control runtime system, potentially resulting in a denial\u2011of\u2011service (DoS) condition."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-134",
"description": "CWE-134 Use of Externally-Controlled Format String",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-24T07:42:33.820Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/de/advisories/VDE-2026-018"
}
],
"source": {
"advisory": "VDE-2026-018",
"defect": [
"CERT@VDE#641968"
],
"discovery": "UNKNOWN"
},
"title": "CODESYS Control Audit Log Format String DoS",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2026-3509",
"datePublished": "2026-03-24T07:42:33.820Z",
"dateReserved": "2026-03-04T09:24:19.745Z",
"dateUpdated": "2026-03-26T12:35:48.666Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-41660 (GCVE-0-2025-41660)
Vulnerability from nvd – Published: 2026-03-24 07:41 – Updated: 2026-03-24 13:16- CWE-669 - Incorrect Resource Transfer Between Spheres
| Vendor | Product | Version | |
|---|---|---|---|
| CODESYS | CODESYS Control RTE (SL) |
Affected:
0.0.0 , < 3.5.22.0
(semver)
|
|
| CODESYS | CODESYS Control RTE (for Beckhoff CX) SL |
Affected:
0.0.0 , < 3.5.22.0
(semver)
|
|
| CODESYS | CODESYS Control Win (SL) |
Affected:
0.0.0 , < 3.5.22.0
(semver)
|
|
| CODESYS | CODESYS HMI (SL) |
Affected:
0.0.0 , < 3.5.22.0
(semver)
|
|
| CODESYS | CODESYS Runtime Toolkit |
Affected:
0.0.0 , < 3.5.22.0
(semver)
|
|
| CODESYS | CODESYS Control for BeagleBone SL |
Affected:
0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for emPC-A/iMX6 SL |
Affected:
0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for IOT2000 SL |
Affected:
0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Linux ARM SL |
Affected:
0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Linux SL |
Affected:
0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PFC100 SL |
Affected:
0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PFC200 SL |
Affected:
0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PLCnext SL |
Affected:
0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Raspberry Pi SL |
Affected:
0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for WAGO Touch Panels 600 SL |
Affected:
0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Virtual Control SL |
Affected:
0.0.0 , < 4.21.0.0
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41660",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-24T13:15:49.570572Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-24T13:16:02.920Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CODESYS Control RTE (SL)",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control RTE (for Beckhoff CX) SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control Win (SL)",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS HMI (SL)",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Runtime Toolkit",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for BeagleBone SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for emPC-A/iMX6 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for IOT2000 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Linux ARM SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Linux SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PFC100 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PFC200 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PLCnext SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Raspberry Pi SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for WAGO Touch Panels 600 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Virtual Control SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Luca Borzacchiello from Nozomi Networks"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A low-privileged remote attacker may be able to replace the boot application of the CODESYS Control runtime system, enabling unauthorized code execution.\u003cbr\u003e"
}
],
"value": "A low-privileged remote attacker may be able to replace the boot application of the CODESYS Control runtime system, enabling unauthorized code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-669",
"description": "CWE-669 Incorrect Resource Transfer Between Spheres",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-24T07:41:43.004Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/de/advisories/VDE-2026-011"
}
],
"source": {
"advisory": "VDE-2026-011",
"defect": [
"CERT@VDE#641802"
],
"discovery": "UNKNOWN"
},
"title": "CODESYS Control Boot Application Replacement Enables Code Execution",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-41660",
"datePublished": "2026-03-24T07:41:43.004Z",
"dateReserved": "2025-04-16T11:17:48.307Z",
"dateUpdated": "2026-03-24T13:16:02.920Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2364 (GCVE-0-2026-2364)
Vulnerability from nvd – Published: 2026-03-10 07:22 – Updated: 2026-03-10 16:51- CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
| Vendor | Product | Version | |
|---|---|---|---|
| CODESYS | CODESYS Installer |
Affected:
0.0.0 , < 2.6.1.0
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2364",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-10T15:39:49.202345Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-10T16:51:59.328Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CODESYS Installer",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "2.6.1.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "David Ruscheweyh from SEW-EURODRIVE GmbH \u0026 Co KG"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "If a legitimate user confirms a self-update prompt or initiate an installation of a CODESYS Development System, a low privileged local attacker can gain elevated rights due to a TOCTOU vulnerability in the CODESYS installer.\u003cbr\u003e"
}
],
"value": "If a legitimate user confirms a self-update prompt or initiate an installation of a CODESYS Development System, a low privileged local attacker can gain elevated rights due to a TOCTOU vulnerability in the CODESYS installer."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-10T07:22:42.658Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/de/advisories/VDE-2026-012"
}
],
"source": {
"advisory": "VDE-2026-012",
"defect": [
"CERT@VDE#641953"
],
"discovery": "UNKNOWN"
},
"title": "CODESYS Installer TOCTOU Privilege Escalation",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2026-2364",
"datePublished": "2026-03-10T07:22:42.658Z",
"dateReserved": "2026-02-11T18:46:15.172Z",
"dateUpdated": "2026-03-10T16:51:59.328Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-41739 (GCVE-0-2025-41739)
Vulnerability from nvd – Published: 2025-12-01 10:00 – Updated: 2026-01-07 17:09- CWE-125 - Out-of-bounds Read
| Vendor | Product | Version | |
|---|---|---|---|
| CODESYS | CODESYS PLCHandler |
Affected:
3.5.21.0 , < 3.5.21.40
(semver)
|
|
| CODESYS | CODESYS Remote Target Visu |
Affected:
3.5.21.0 , < 3.5.21.40
(semver)
|
|
| CODESYS | CODESYS Runtime Toolkit |
Affected:
3.5.21.0 , < 3.5.21.40
(semver)
|
|
| CODESYS | CODESYS Control for BeagleBone SL |
Affected:
4.15.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for emPC-A/iMX6 SL |
Affected:
4.15.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for IOT2000 SL |
Affected:
4.15.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Linux ARM SL |
Affected:
4.15.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Linux SL |
Affected:
4.15.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PFC100 SL |
Affected:
4.15.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PFC200 SL |
Affected:
4.15.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PLCnext SL |
Affected:
4.15.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Raspberry Pi SL |
Affected:
4.15.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for WAGO Touch Panels 600 SL |
Affected:
4.15.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Edge Gateway for Linux |
Affected:
4.15.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS TargetVisu for Linux SL |
Affected:
4.15.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Virtual Control SL |
Affected:
4.15.0.0 , < 4.19.0.0
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41739",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-01T14:03:10.321003Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-07T17:09:52.535Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CODESYS PLCHandler",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.21.40",
"status": "affected",
"version": "3.5.21.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Remote Target Visu",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.21.40",
"status": "affected",
"version": "3.5.21.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Runtime Toolkit",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.21.40",
"status": "affected",
"version": "3.5.21.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for BeagleBone SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for emPC-A/iMX6 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for IOT2000 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Linux ARM SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Linux SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PFC100 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PFC200 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PLCnext SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Raspberry Pi SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for WAGO Touch Panels 600 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Edge Gateway for Linux",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS TargetVisu for Linux SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Virtual Control SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "ABB AG"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated remote attacker, who beats a race condition, can exploit a flaw in the communication servers of the CODESYS Control runtime system on Linux and QNX to trigger an out-of-bounds read via crafted socket communication, potentially causing a denial of service.\u003cbr\u003e"
}
],
"value": "An unauthenticated remote attacker, who beats a race condition, can exploit a flaw in the communication servers of the CODESYS Control runtime system on Linux and QNX to trigger an out-of-bounds read via crafted socket communication, potentially causing a denial of service."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-01T10:00:44.373Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/de/advisories/VDE-2025-099"
}
],
"source": {
"advisory": "VDE-2025-099",
"defect": [
"CERT@VDE#641888"
],
"discovery": "UNKNOWN"
},
"title": "CODESYS Control - Linux/QNX SysSocket flaw",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-41739",
"datePublished": "2025-12-01T10:00:44.373Z",
"dateReserved": "2025-04-16T11:17:48.320Z",
"dateUpdated": "2026-01-07T17:09:52.535Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-41738 (GCVE-0-2025-41738)
Vulnerability from nvd – Published: 2025-12-01 10:02 – Updated: 2025-12-01 14:00- CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
| Vendor | Product | Version | |
|---|---|---|---|
| CODESYS | CODESYS Control RTE (SL) |
Affected:
3.5.18.0 , < 3.5.21.40
(semver)
|
|
| CODESYS | CODESYS Control RTE (for Beckhoff CX) SL |
Affected:
3.5.18.0 , < 3.5.21.40
(semver)
|
|
| CODESYS | CODESYS Control Win (SL) |
Affected:
3.5.18.0 , < 3.5.21.40
(semver)
|
|
| CODESYS | CODESYS HMI (SL) |
Affected:
3.5.18.0 , < 3.5.21.40
(semver)
|
|
| CODESYS | CODESYS Remote Target Visu |
Affected:
3.5.18.0 , < 3.5.21.40
(semver)
|
|
| CODESYS | CODESYS Runtime Toolkit |
Affected:
3.5.18.0 , < 3.5.21.40
(semver)
|
|
| CODESYS | CODESYS Control for BeagleBone SL |
Affected:
4.5.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for emPC-A/iMX6 SL |
Affected:
4.5.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for IOT2000 SL |
Affected:
4.5.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Linux ARM SL |
Affected:
4.5.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Linux SL |
Affected:
4.5.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PFC100 SL |
Affected:
4.5.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PFC200 SL |
Affected:
4.5.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PLCnext SL |
Affected:
4.5.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Raspberry Pi SL |
Affected:
4.5.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for WAGO Touch Panels 600 SL |
Affected:
4.5.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Virtual Control SL |
Affected:
4.5.0.0 , < 4.19.0.0
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41738",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-01T13:59:44.375519Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-01T14:00:28.509Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CODESYS Control RTE (SL)",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.21.40",
"status": "affected",
"version": "3.5.18.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control RTE (for Beckhoff CX) SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.21.40",
"status": "affected",
"version": "3.5.18.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control Win (SL)",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.21.40",
"status": "affected",
"version": "3.5.18.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS HMI (SL)",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.21.40",
"status": "affected",
"version": "3.5.18.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Remote Target Visu",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.21.40",
"status": "affected",
"version": "3.5.18.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Runtime Toolkit",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.21.40",
"status": "affected",
"version": "3.5.18.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for BeagleBone SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.5.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for emPC-A/iMX6 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.5.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for IOT2000 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.5.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Linux ARM SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.5.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Linux SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.5.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PFC100 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.5.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PFC200 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.5.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PLCnext SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.5.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Raspberry Pi SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.5.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for WAGO Touch Panels 600 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.5.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Virtual Control SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.5.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated remote attacker may cause the visualisation server of the CODESYS Control runtime system to access a resource with a pointer of wrong type, potentially leading to a denial-of-service (DoS) condition.\u003cbr\u003e"
}
],
"value": "An unauthenticated remote attacker may cause the visualisation server of the CODESYS Control runtime system to access a resource with a pointer of wrong type, potentially leading to a denial-of-service (DoS) condition."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843 Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-01T10:02:33.407Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/de/advisories/VDE-2025-100"
}
],
"source": {
"advisory": "VDE-2025-100",
"defect": [
"CERT@VDE#641889"
],
"discovery": "UNKNOWN"
},
"title": "CODESYS Control - Invalid type usage in visualization",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-41738",
"datePublished": "2025-12-01T10:02:33.407Z",
"dateReserved": "2025-04-16T11:17:48.320Z",
"dateUpdated": "2025-12-01T14:00:28.509Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-41700 (GCVE-0-2025-41700)
Vulnerability from nvd – Published: 2025-12-01 10:02 – Updated: 2025-12-01 13:59- CWE-502 - Deserialization of Untrusted Data
| Vendor | Product | Version | |
|---|---|---|---|
| CODESYS | CODESYS Development System |
Affected:
0.0.0 , < 3.5.21.40
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41700",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-01T13:25:21.754600Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-01T13:59:26.310Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CODESYS Development System",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.21.40",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "MengyuXia from Beijing Aerospace Wanyuan Science \u0026 Technology Co, Ltd."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated attacker can trick a local user into executing arbitrary code by opening a deliberately manipulated CODESYS project file with a CODESYS development system. This arbitrary code is executed in the user context.\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "An unauthenticated attacker can trick a local user into executing arbitrary code by opening a deliberately manipulated CODESYS project file with a CODESYS development system. This arbitrary code is executed in the user context."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-01T10:02:47.312Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/de/advisories/VDE-2025-101"
}
],
"source": {
"advisory": "VDE-2025-101",
"defect": [
"CERT@VDE#641842"
],
"discovery": "UNKNOWN"
},
"title": "CODESYS Development System - Deserialization of Untrusted Data",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-41700",
"datePublished": "2025-12-01T10:02:47.312Z",
"dateReserved": "2025-04-16T11:17:48.310Z",
"dateUpdated": "2025-12-01T13:59:26.310Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-8047 (GCVE-0-2026-8047)
Vulnerability from cvelistv5 – Published: 2026-05-26 06:49 – Updated: 2026-05-26 10:48- CWE-1284 - Improper Validation of Specified Quantity in Input
| Vendor | Product | Version | |
|---|---|---|---|
| CODESYS | CODESYS Control RTE (SL) |
Affected:
3.5.21.0 , < 3.5.22.20
(semver)
|
|
| CODESYS | CODESYS Control RTE (for Beckhoff CX) SL |
Affected:
3.5.21.0 , < 3.5.22.20
(semver)
|
|
| CODESYS | CODESYS Control Win (SL) |
Affected:
3.5.21.0 , < 3.5.22.20
(semver)
|
|
| CODESYS | CODESYS HMI (SL) |
Affected:
3.5.21.0 , < 3.5.22.20
(semver)
|
|
| CODESYS | CODESYS Runtime Toolkit |
Affected:
3.5.21.0 , < 3.5.22.20
(semver)
|
|
| CODESYS | CODESYS Control for BeagleBone SL |
Affected:
4.15.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for emPC-A/iMX6 SL |
Affected:
4.15.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for IOT2000 SL |
Affected:
4.15.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Linux ARM SL |
Affected:
4.15.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Linux SL |
Affected:
4.15.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PFC100 SL |
Affected:
4.15.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PFC200 SL |
Affected:
4.15.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PLCnext SL |
Affected:
4.15.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Raspberry Pi SL |
Affected:
4.15.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for WAGO Touch Panels 600 SL |
Affected:
0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Virtual Control SL |
Affected:
4.15.0.0 , < 4.21.0.0
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-8047",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T10:45:06.909963Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T10:48:24.087Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CODESYS Control RTE (SL)",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.20",
"status": "affected",
"version": "3.5.21.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control RTE (for Beckhoff CX) SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.20",
"status": "affected",
"version": "3.5.21.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control Win (SL)",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.20",
"status": "affected",
"version": "3.5.21.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS HMI (SL)",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.20",
"status": "affected",
"version": "3.5.21.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Runtime Toolkit",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.20",
"status": "affected",
"version": "3.5.21.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for BeagleBone SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for emPC-A/iMX6 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for IOT2000 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Linux ARM SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Linux SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PFC100 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PFC200 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PLCnext SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Raspberry Pi SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for WAGO Touch Panels 600 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Virtual Control SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_rte_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.22.20",
"versionStartIncluding": "3.5.21.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_rte_for_beckhoff_cx_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.22.20",
"versionStartIncluding": "3.5.21.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_win_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.22.20",
"versionStartIncluding": "3.5.21.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_hmi_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.22.20",
"versionStartIncluding": "3.5.21.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_runtime_toolkit:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.22.20",
"versionStartIncluding": "3.5.21.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "4.15.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_empc_a_imx6_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "4.15.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_iot2000_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "4.15.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_linux_arm_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "4.15.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_linux_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "4.15.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_pfc100_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "4.15.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_pfc200_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "4.15.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_plcnext_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "4.15.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "4.15.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_virtual_control_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "4.15.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The affected products perform improper length checking when parsing incoming HTTP requests, resulting in a size-limited out-of-bounds write. An unauthenticated remote attacker can exploit this flaw to cause a denial of service via a system crash on the affected device."
}
],
"value": "The affected products perform improper length checking when parsing incoming HTTP requests, resulting in a size-limited out-of-bounds write. An unauthenticated remote attacker can exploit this flaw to cause a denial of service via a system crash on the affected device."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284 Improper Validation of Specified Quantity in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T06:49:54.813Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://www.certvde.com/en/advisories/VDE-2026-057/"
}
],
"source": {
"advisory": "VDE-2026-057",
"defect": [
"CERT@VDE#642073"
],
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds Write in CODESYS Control",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2026-8047",
"datePublished": "2026-05-26T06:49:54.813Z",
"dateReserved": "2026-05-06T17:12:05.142Z",
"dateUpdated": "2026-05-26T10:48:24.087Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-8046 (GCVE-0-2026-8046)
Vulnerability from cvelistv5 – Published: 2026-05-26 06:45 – Updated: 2026-05-26 10:48- CWE-863 - Incorrect Authorization
| Vendor | Product | Version | |
|---|---|---|---|
| CODESYS | CODESYS Control RTE (SL) |
Affected:
3.0.0.0 , < 3.5.22.20
(semver)
|
|
| CODESYS | CODESYS Control RTE (for Beckhoff CX) SL |
Affected:
3.0.0.0 , < 3.5.22.20
(semver)
|
|
| CODESYS | CODESYS Control Win (SL) |
Affected:
3.0.0.0 , < 3.5.22.20
(semver)
|
|
| CODESYS | CODESYS HMI (SL) |
Affected:
3.0.0.0 , < 3.5.22.20
(semver)
|
|
| CODESYS | CODESYS Runtime Toolkit |
Affected:
3.0.0.0 , < 3.5.22.20
(semver)
|
|
| CODESYS | CODESYS Control for BeagleBone SL |
Affected:
3.0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for emPC-A/iMX6 SL |
Affected:
3.0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for IOT2000 SL |
Affected:
3.0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Linux ARM SL |
Affected:
3.0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Linux SL |
Affected:
3.0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PFC100 SL |
Affected:
3.0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PFC200 SL |
Affected:
3.0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PLCnext SL |
Affected:
3.0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Raspberry Pi SL |
Affected:
3.0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for WAGO Touch Panels 600 SL |
Affected:
3.0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Virtual Control SL |
Affected:
3.0.0.0 , < 4.21.0.0
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-8046",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T10:44:58.318097Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T10:48:37.908Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CODESYS Control RTE (SL)",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.20",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control RTE (for Beckhoff CX) SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.20",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control Win (SL)",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.20",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS HMI (SL)",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.20",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Runtime Toolkit",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.20",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for BeagleBone SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for emPC-A/iMX6 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for IOT2000 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Linux ARM SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Linux SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PFC100 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PFC200 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PLCnext SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Raspberry Pi SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for WAGO Touch Panels 600 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Virtual Control SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_rte_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.22.20",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_rte_for_beckhoff_cx_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.22.20",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_win_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.22.20",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_hmi_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.22.20",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_runtime_toolkit:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.22.20",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_beaglebone_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_empc_a_imx6_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_iot2000_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_linux_arm_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_linux_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_pfc100_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_pfc200_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_plcnext_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_control_for_wago_touch_panels_600_sl:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_virtual_control_sl_:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.21.0.0",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "ABB AG"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The affected products insufficiently verify authorization when deleting user accounts. An authenticated, low-privileged remote user can exploit this vulnerability to delete other users, including those with higher privileges."
}
],
"value": "The affected products insufficiently verify authorization when deleting user accounts. An authenticated, low-privileged remote user can exploit this vulnerability to delete other users, including those with higher privileges."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T06:46:47.189Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://www.certvde.com/en/advisories/VDE-2026-056/"
}
],
"source": {
"advisory": "VDE-2026-056",
"defect": [
"CERT@VDE#642072"
],
"discovery": "UNKNOWN"
},
"title": "Incorrect Authorization in CODESYS Control",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2026-8046",
"datePublished": "2026-05-26T06:45:21.724Z",
"dateReserved": "2026-05-06T17:10:12.759Z",
"dateUpdated": "2026-05-26T10:48:37.908Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-44469 (GCVE-0-2026-44469)
Vulnerability from cvelistv5 – Published: 2026-05-26 06:39 – Updated: 2026-05-26 10:48- CWE-276 - Incorrect Default Permissions
| Vendor | Product | Version | |
|---|---|---|---|
| CODESYS | CODESYS Development System |
Affected:
3.0.0.0 , < 3.5.22.20
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-44469",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T10:44:51.917941Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T10:48:51.345Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CODESYS Development System",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.20",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_development_system:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.22.20",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "David Ruscheweyh from SEW-EURODRIVE GmbH \u0026 Co KG"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The affected product extracts installation files to a temporary directory with incorrect default permissions during administrative installation. A low-privileged local attacker can exploit a TOCTOU race condition with a practical time window to replace verified files with malicious ones before installation, resulting in local privilege escalation."
}
],
"value": "The affected product extracts installation files to a temporary directory with incorrect default permissions during administrative installation. A low-privileged local attacker can exploit a TOCTOU race condition with a practical time window to replace verified files with malicious ones before installation, resulting in local privilege escalation."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T06:39:04.477Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://www.certvde.com/en/advisories/VDE-2026-055/"
}
],
"source": {
"advisory": "VDE-2026-055",
"defect": [
"CERT@VDE#642071"
],
"discovery": "UNKNOWN"
},
"title": "Incorrect Default Permissions in CODESYS Development System",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2026-44469",
"datePublished": "2026-05-26T06:39:04.477Z",
"dateReserved": "2026-05-06T17:08:03.356Z",
"dateUpdated": "2026-05-26T10:48:51.345Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-44468 (GCVE-0-2026-44468)
Vulnerability from cvelistv5 – Published: 2026-05-26 06:37 – Updated: 2026-05-26 10:49- CWE-276 - Incorrect Default Permissions
| Vendor | Product | Version | |
|---|---|---|---|
| CODESYS | CODESYS Development System |
Affected:
3.0.0.0 , < 3.5.22.20
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-44468",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-26T10:44:43.453556Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T10:49:05.531Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CODESYS Development System",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.20",
"status": "affected",
"version": "3.0.0.0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_development_system:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.22.20",
"versionStartIncluding": "3.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "David Ruscheweyh from SEW-EURODRIVE GmbH \u0026 Co KG"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The affected product creates a directory with insecure default permissions during administrative installation. This allows a low-privileged local attacker to modify a temporary file defining the components to be installed, enabling local privilege escalation by forcing the deployment of arbitrary components."
}
],
"value": "The affected product creates a directory with insecure default permissions during administrative installation. This allows a low-privileged local attacker to modify a temporary file defining the components to be installed, enabling local privilege escalation by forcing the deployment of arbitrary components."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-26T06:37:53.259Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://www.certvde.com/en/advisories/VDE-2026-055/"
}
],
"source": {
"advisory": "VDE-2026-055",
"defect": [
"CERT@VDE#642071"
],
"discovery": "UNKNOWN"
},
"title": "Incorrect Default Permissions in CODESYS Development System",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2026-44468",
"datePublished": "2026-05-26T06:37:53.259Z",
"dateReserved": "2026-05-06T17:08:03.356Z",
"dateUpdated": "2026-05-26T10:49:05.531Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0393 (GCVE-0-2026-0393)
Vulnerability from cvelistv5 – Published: 2026-05-21 10:44 – Updated: 2026-05-21 13:22- CWE-522 - Insufficiently Protected Credentials
| URL | Tags |
|---|---|
| https://codesys.csaf-tp.certvde.com/.well-known/c… | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| CODESYS | Visualization |
Affected:
1.0.0.0 , < 4.10.0.0
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0393",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-21T13:21:50.408211Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-21T13:22:36.813Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Visualization",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.10.0.0",
"status": "affected",
"version": "1.0.0.0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:visualization:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.0.0",
"versionStartIncluding": "1.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Silvan Schweizer from CTA AG"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The affected product may expose credentials remotely between low privileged visualization users during concurrent login operations due to insufficient isolation of authentication data. The vulnerability affects only login operations within an active visualization session."
}
],
"value": "The affected product may expose credentials remotely between low privileged visualization users during concurrent login operations due to insufficient isolation of authentication data. The vulnerability affects only login operations within an active visualization session."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522 Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-21T10:44:42.517Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://codesys.csaf-tp.certvde.com/.well-known/csaf/white/2026/advisory2026-07_vde-2026-052.json"
}
],
"source": {
"advisory": "VDE-2026-052",
"defect": [
"CERT@VDE#641921"
],
"discovery": "UNKNOWN"
},
"title": "CODESYS Visualization - Insufficiently Protected Credentials",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2026-0393",
"datePublished": "2026-05-21T10:44:42.517Z",
"dateReserved": "2025-11-27T14:02:51.635Z",
"dateUpdated": "2026-05-21T13:22:36.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-35227 (GCVE-0-2026-35227)
Vulnerability from cvelistv5 – Published: 2026-05-12 07:14 – Updated: 2026-05-13 14:38- CWE-772 - Missing Release of Resource after Effective Lifetime
| Vendor | Product | Version | |
|---|---|---|---|
| CODESYS | CODESYS Modbus |
Affected:
1.0.0.0 , < 4.6.0.0
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-35227",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-13T14:29:08.743627Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-13T14:38:41.132Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CODESYS Modbus",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.6.0.0",
"status": "affected",
"version": "1.0.0.0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_modbus:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.6.0.0",
"versionStartIncluding": "1.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "ABB Schweiz AG"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated remote attacker may exhaust all available TCP connections in the CODESYS Modbus TCP Server stack if a race condition in connection handling is successfully exploited, preventing legitimate clients from establishing new connections.\u003cbr\u003e"
}
],
"value": "An unauthenticated remote attacker may exhaust all available TCP connections in the CODESYS Modbus TCP Server stack if a race condition in connection handling is successfully exploited, preventing legitimate clients from establishing new connections."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-772",
"description": "CWE-772 Missing Release of Resource after Effective Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T07:14:41.517Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/de/advisories/VDE-2026-042"
}
],
"source": {
"advisory": "VDE-2026-042",
"defect": [
"CERT@VDE#642013"
],
"discovery": "UNKNOWN"
},
"title": "Improper resource management in CODESYS Modbus TCP Server",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2026-35227",
"datePublished": "2026-05-12T07:14:41.517Z",
"dateReserved": "2026-04-01T19:54:21.499Z",
"dateUpdated": "2026-05-13T14:38:41.132Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-35225 (GCVE-0-2026-35225)
Vulnerability from cvelistv5 – Published: 2026-04-23 13:54 – Updated: 2026-04-23 15:35- CWE-754 - Improper Check for Unusual or Exceptional Conditions
| URL | Tags |
|---|---|
| https://codesys.csaf-tp.certvde.com/.well-known/c… | vendor-advisory |
| https://www.certvde.com/en/advisories/VDE-2026-040/ | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| CODESYS | CODESYS EtherNetIP |
Affected:
1.0.0.0 , < 4.9.0.0
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-35225",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-23T15:35:35.243946Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-23T15:35:43.352Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CODESYS EtherNetIP",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.9.0.0",
"status": "affected",
"version": "1.0.0.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:codesys:codesys_ethernetip:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.0.0",
"versionStartIncluding": "1.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "ABB"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated remote attacker is able to exhaust all available TCP connections in the CODESYS EtherNet/IP adapter stack, preventing legitimate clients from establishing new connections."
}
],
"value": "An unauthenticated remote attacker is able to exhaust all available TCP connections in the CODESYS EtherNet/IP adapter stack, preventing legitimate clients from establishing new connections."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-23T13:54:51.863Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://codesys.csaf-tp.certvde.com/.well-known/csaf/white/2026/advisory2026-04_vde-2026-040.json"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.certvde.com/en/advisories/VDE-2026-040/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper timeout handling in CODESYS EtherNetIP",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2026-35225",
"datePublished": "2026-04-23T13:54:51.863Z",
"dateReserved": "2026-04-01T19:54:21.499Z",
"dateUpdated": "2026-04-23T15:35:43.352Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-3509 (GCVE-0-2026-3509)
Vulnerability from cvelistv5 – Published: 2026-03-24 07:42 – Updated: 2026-03-26 12:35- CWE-134 - Use of Externally-Controlled Format String
| Vendor | Product | Version | |
|---|---|---|---|
| CODESYS | CODESYS Control RTE (SL) |
Affected:
3.5.17.0 , < 3.5.22.0
(semver)
|
|
| CODESYS | CODESYS Control RTE (for Beckhoff CX) SL |
Affected:
3.5.17.0 , < 3.5.22.0
(semver)
|
|
| CODESYS | CODESYS Control Win (SL) |
Affected:
3.5.17.0 , < 3.5.22.0
(semver)
|
|
| CODESYS | CODESYS Runtime Toolkit |
Affected:
3.5.17.0 , < 3.5.22.0
(semver)
|
|
| CODESYS | CODESYS Control for BeagleBone SL |
Affected:
4.1.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for emPC-A/iMX6 SL |
Affected:
4.1.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for IOT2000 SL |
Affected:
4.1.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Linux ARM SL |
Affected:
4.1.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Linux SL |
Affected:
4.1.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PFC100 SL |
Affected:
4.1.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PFC200 SL |
Affected:
4.1.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PLCnext SL |
Affected:
4.1.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Raspberry Pi SL |
Affected:
4.1.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for WAGO Touch Panels 600 SL |
Affected:
4.1.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Virtual Control SL |
Affected:
4.1.0.0 , < 4.21.0.0
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-3509",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-26T12:35:33.893071Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-26T12:35:48.666Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CODESYS Control RTE (SL)",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.0",
"status": "affected",
"version": "3.5.17.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control RTE (for Beckhoff CX) SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.0",
"status": "affected",
"version": "3.5.17.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control Win (SL)",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.0",
"status": "affected",
"version": "3.5.17.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Runtime Toolkit",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.0",
"status": "affected",
"version": "3.5.17.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for BeagleBone SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.1.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for emPC-A/iMX6 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.1.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for IOT2000 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.1.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Linux ARM SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.1.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Linux SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.1.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PFC100 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.1.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PFC200 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.1.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PLCnext SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.1.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Raspberry Pi SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.1.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for WAGO Touch Panels 600 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.1.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Virtual Control SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "4.1.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated remote attacker may be able to control the format string of messages processed by the Audit Log of the CODESYS Control runtime system, potentially resulting in a denial\u2011of\u2011service (DoS) condition.\u003cbr\u003e"
}
],
"value": "An unauthenticated remote attacker may be able to control the format string of messages processed by the Audit Log of the CODESYS Control runtime system, potentially resulting in a denial\u2011of\u2011service (DoS) condition."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-134",
"description": "CWE-134 Use of Externally-Controlled Format String",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-24T07:42:33.820Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/de/advisories/VDE-2026-018"
}
],
"source": {
"advisory": "VDE-2026-018",
"defect": [
"CERT@VDE#641968"
],
"discovery": "UNKNOWN"
},
"title": "CODESYS Control Audit Log Format String DoS",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2026-3509",
"datePublished": "2026-03-24T07:42:33.820Z",
"dateReserved": "2026-03-04T09:24:19.745Z",
"dateUpdated": "2026-03-26T12:35:48.666Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-41660 (GCVE-0-2025-41660)
Vulnerability from cvelistv5 – Published: 2026-03-24 07:41 – Updated: 2026-03-24 13:16- CWE-669 - Incorrect Resource Transfer Between Spheres
| Vendor | Product | Version | |
|---|---|---|---|
| CODESYS | CODESYS Control RTE (SL) |
Affected:
0.0.0 , < 3.5.22.0
(semver)
|
|
| CODESYS | CODESYS Control RTE (for Beckhoff CX) SL |
Affected:
0.0.0 , < 3.5.22.0
(semver)
|
|
| CODESYS | CODESYS Control Win (SL) |
Affected:
0.0.0 , < 3.5.22.0
(semver)
|
|
| CODESYS | CODESYS HMI (SL) |
Affected:
0.0.0 , < 3.5.22.0
(semver)
|
|
| CODESYS | CODESYS Runtime Toolkit |
Affected:
0.0.0 , < 3.5.22.0
(semver)
|
|
| CODESYS | CODESYS Control for BeagleBone SL |
Affected:
0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for emPC-A/iMX6 SL |
Affected:
0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for IOT2000 SL |
Affected:
0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Linux ARM SL |
Affected:
0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Linux SL |
Affected:
0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PFC100 SL |
Affected:
0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PFC200 SL |
Affected:
0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PLCnext SL |
Affected:
0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Raspberry Pi SL |
Affected:
0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Control for WAGO Touch Panels 600 SL |
Affected:
0.0.0 , < 4.21.0.0
(semver)
|
|
| CODESYS | CODESYS Virtual Control SL |
Affected:
0.0.0 , < 4.21.0.0
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41660",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-24T13:15:49.570572Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-24T13:16:02.920Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CODESYS Control RTE (SL)",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control RTE (for Beckhoff CX) SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control Win (SL)",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS HMI (SL)",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Runtime Toolkit",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.22.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for BeagleBone SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for emPC-A/iMX6 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for IOT2000 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Linux ARM SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Linux SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PFC100 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PFC200 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PLCnext SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Raspberry Pi SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for WAGO Touch Panels 600 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Virtual Control SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.21.0.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Luca Borzacchiello from Nozomi Networks"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A low-privileged remote attacker may be able to replace the boot application of the CODESYS Control runtime system, enabling unauthorized code execution.\u003cbr\u003e"
}
],
"value": "A low-privileged remote attacker may be able to replace the boot application of the CODESYS Control runtime system, enabling unauthorized code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-669",
"description": "CWE-669 Incorrect Resource Transfer Between Spheres",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-24T07:41:43.004Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/de/advisories/VDE-2026-011"
}
],
"source": {
"advisory": "VDE-2026-011",
"defect": [
"CERT@VDE#641802"
],
"discovery": "UNKNOWN"
},
"title": "CODESYS Control Boot Application Replacement Enables Code Execution",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-41660",
"datePublished": "2026-03-24T07:41:43.004Z",
"dateReserved": "2025-04-16T11:17:48.307Z",
"dateUpdated": "2026-03-24T13:16:02.920Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2364 (GCVE-0-2026-2364)
Vulnerability from cvelistv5 – Published: 2026-03-10 07:22 – Updated: 2026-03-10 16:51- CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
| Vendor | Product | Version | |
|---|---|---|---|
| CODESYS | CODESYS Installer |
Affected:
0.0.0 , < 2.6.1.0
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2364",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-10T15:39:49.202345Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-10T16:51:59.328Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CODESYS Installer",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "2.6.1.0",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "David Ruscheweyh from SEW-EURODRIVE GmbH \u0026 Co KG"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "If a legitimate user confirms a self-update prompt or initiate an installation of a CODESYS Development System, a low privileged local attacker can gain elevated rights due to a TOCTOU vulnerability in the CODESYS installer.\u003cbr\u003e"
}
],
"value": "If a legitimate user confirms a self-update prompt or initiate an installation of a CODESYS Development System, a low privileged local attacker can gain elevated rights due to a TOCTOU vulnerability in the CODESYS installer."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-10T07:22:42.658Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/de/advisories/VDE-2026-012"
}
],
"source": {
"advisory": "VDE-2026-012",
"defect": [
"CERT@VDE#641953"
],
"discovery": "UNKNOWN"
},
"title": "CODESYS Installer TOCTOU Privilege Escalation",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2026-2364",
"datePublished": "2026-03-10T07:22:42.658Z",
"dateReserved": "2026-02-11T18:46:15.172Z",
"dateUpdated": "2026-03-10T16:51:59.328Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-41700 (GCVE-0-2025-41700)
Vulnerability from cvelistv5 – Published: 2025-12-01 10:02 – Updated: 2025-12-01 13:59- CWE-502 - Deserialization of Untrusted Data
| Vendor | Product | Version | |
|---|---|---|---|
| CODESYS | CODESYS Development System |
Affected:
0.0.0 , < 3.5.21.40
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41700",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-01T13:25:21.754600Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-01T13:59:26.310Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CODESYS Development System",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.21.40",
"status": "affected",
"version": "0.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "MengyuXia from Beijing Aerospace Wanyuan Science \u0026 Technology Co, Ltd."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated attacker can trick a local user into executing arbitrary code by opening a deliberately manipulated CODESYS project file with a CODESYS development system. This arbitrary code is executed in the user context.\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "An unauthenticated attacker can trick a local user into executing arbitrary code by opening a deliberately manipulated CODESYS project file with a CODESYS development system. This arbitrary code is executed in the user context."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-01T10:02:47.312Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/de/advisories/VDE-2025-101"
}
],
"source": {
"advisory": "VDE-2025-101",
"defect": [
"CERT@VDE#641842"
],
"discovery": "UNKNOWN"
},
"title": "CODESYS Development System - Deserialization of Untrusted Data",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-41700",
"datePublished": "2025-12-01T10:02:47.312Z",
"dateReserved": "2025-04-16T11:17:48.310Z",
"dateUpdated": "2025-12-01T13:59:26.310Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-41738 (GCVE-0-2025-41738)
Vulnerability from cvelistv5 – Published: 2025-12-01 10:02 – Updated: 2025-12-01 14:00- CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
| Vendor | Product | Version | |
|---|---|---|---|
| CODESYS | CODESYS Control RTE (SL) |
Affected:
3.5.18.0 , < 3.5.21.40
(semver)
|
|
| CODESYS | CODESYS Control RTE (for Beckhoff CX) SL |
Affected:
3.5.18.0 , < 3.5.21.40
(semver)
|
|
| CODESYS | CODESYS Control Win (SL) |
Affected:
3.5.18.0 , < 3.5.21.40
(semver)
|
|
| CODESYS | CODESYS HMI (SL) |
Affected:
3.5.18.0 , < 3.5.21.40
(semver)
|
|
| CODESYS | CODESYS Remote Target Visu |
Affected:
3.5.18.0 , < 3.5.21.40
(semver)
|
|
| CODESYS | CODESYS Runtime Toolkit |
Affected:
3.5.18.0 , < 3.5.21.40
(semver)
|
|
| CODESYS | CODESYS Control for BeagleBone SL |
Affected:
4.5.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for emPC-A/iMX6 SL |
Affected:
4.5.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for IOT2000 SL |
Affected:
4.5.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Linux ARM SL |
Affected:
4.5.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Linux SL |
Affected:
4.5.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PFC100 SL |
Affected:
4.5.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PFC200 SL |
Affected:
4.5.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PLCnext SL |
Affected:
4.5.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Raspberry Pi SL |
Affected:
4.5.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for WAGO Touch Panels 600 SL |
Affected:
4.5.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Virtual Control SL |
Affected:
4.5.0.0 , < 4.19.0.0
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41738",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-01T13:59:44.375519Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-01T14:00:28.509Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CODESYS Control RTE (SL)",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.21.40",
"status": "affected",
"version": "3.5.18.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control RTE (for Beckhoff CX) SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.21.40",
"status": "affected",
"version": "3.5.18.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control Win (SL)",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.21.40",
"status": "affected",
"version": "3.5.18.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS HMI (SL)",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.21.40",
"status": "affected",
"version": "3.5.18.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Remote Target Visu",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.21.40",
"status": "affected",
"version": "3.5.18.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Runtime Toolkit",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.21.40",
"status": "affected",
"version": "3.5.18.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for BeagleBone SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.5.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for emPC-A/iMX6 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.5.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for IOT2000 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.5.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Linux ARM SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.5.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Linux SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.5.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PFC100 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.5.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PFC200 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.5.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PLCnext SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.5.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Raspberry Pi SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.5.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for WAGO Touch Panels 600 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.5.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Virtual Control SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.5.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated remote attacker may cause the visualisation server of the CODESYS Control runtime system to access a resource with a pointer of wrong type, potentially leading to a denial-of-service (DoS) condition.\u003cbr\u003e"
}
],
"value": "An unauthenticated remote attacker may cause the visualisation server of the CODESYS Control runtime system to access a resource with a pointer of wrong type, potentially leading to a denial-of-service (DoS) condition."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843 Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-01T10:02:33.407Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/de/advisories/VDE-2025-100"
}
],
"source": {
"advisory": "VDE-2025-100",
"defect": [
"CERT@VDE#641889"
],
"discovery": "UNKNOWN"
},
"title": "CODESYS Control - Invalid type usage in visualization",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-41738",
"datePublished": "2025-12-01T10:02:33.407Z",
"dateReserved": "2025-04-16T11:17:48.320Z",
"dateUpdated": "2025-12-01T14:00:28.509Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-41739 (GCVE-0-2025-41739)
Vulnerability from cvelistv5 – Published: 2025-12-01 10:00 – Updated: 2026-01-07 17:09- CWE-125 - Out-of-bounds Read
| Vendor | Product | Version | |
|---|---|---|---|
| CODESYS | CODESYS PLCHandler |
Affected:
3.5.21.0 , < 3.5.21.40
(semver)
|
|
| CODESYS | CODESYS Remote Target Visu |
Affected:
3.5.21.0 , < 3.5.21.40
(semver)
|
|
| CODESYS | CODESYS Runtime Toolkit |
Affected:
3.5.21.0 , < 3.5.21.40
(semver)
|
|
| CODESYS | CODESYS Control for BeagleBone SL |
Affected:
4.15.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for emPC-A/iMX6 SL |
Affected:
4.15.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for IOT2000 SL |
Affected:
4.15.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Linux ARM SL |
Affected:
4.15.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Linux SL |
Affected:
4.15.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PFC100 SL |
Affected:
4.15.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PFC200 SL |
Affected:
4.15.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for PLCnext SL |
Affected:
4.15.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for Raspberry Pi SL |
Affected:
4.15.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Control for WAGO Touch Panels 600 SL |
Affected:
4.15.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Edge Gateway for Linux |
Affected:
4.15.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS TargetVisu for Linux SL |
Affected:
4.15.0.0 , < 4.19.0.0
(semver)
|
|
| CODESYS | CODESYS Virtual Control SL |
Affected:
4.15.0.0 , < 4.19.0.0
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41739",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-01T14:03:10.321003Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-07T17:09:52.535Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CODESYS PLCHandler",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.21.40",
"status": "affected",
"version": "3.5.21.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Remote Target Visu",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.21.40",
"status": "affected",
"version": "3.5.21.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Runtime Toolkit",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "3.5.21.40",
"status": "affected",
"version": "3.5.21.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for BeagleBone SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for emPC-A/iMX6 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for IOT2000 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Linux ARM SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Linux SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PFC100 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PFC200 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for PLCnext SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for Raspberry Pi SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Control for WAGO Touch Panels 600 SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Edge Gateway for Linux",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS TargetVisu for Linux SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "CODESYS Virtual Control SL",
"vendor": "CODESYS",
"versions": [
{
"lessThan": "4.19.0.0",
"status": "affected",
"version": "4.15.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "ABB AG"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated remote attacker, who beats a race condition, can exploit a flaw in the communication servers of the CODESYS Control runtime system on Linux and QNX to trigger an out-of-bounds read via crafted socket communication, potentially causing a denial of service.\u003cbr\u003e"
}
],
"value": "An unauthenticated remote attacker, who beats a race condition, can exploit a flaw in the communication servers of the CODESYS Control runtime system on Linux and QNX to trigger an out-of-bounds read via crafted socket communication, potentially causing a denial of service."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-01T10:00:44.373Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://certvde.com/de/advisories/VDE-2025-099"
}
],
"source": {
"advisory": "VDE-2025-099",
"defect": [
"CERT@VDE#641888"
],
"discovery": "UNKNOWN"
},
"title": "CODESYS Control - Linux/QNX SysSocket flaw",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2025-41739",
"datePublished": "2025-12-01T10:00:44.373Z",
"dateReserved": "2025-04-16T11:17:48.320Z",
"dateUpdated": "2026-01-07T17:09:52.535Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
VAR-201112-0097
Vulnerability from variot - Updated: 2026-04-10 23:46Stack-based buffer overflow in the CmpWebServer component in 3S CoDeSys 3.4 SP4 Patch 2 and earlier, as used on the ABB AC500 PLC and possibly other products, allows remote attackers to execute arbitrary code via a long URI to TCP port 8080. CoDeSys is a powerful PLC software programming tool that supports IEC61131-3 standard IL, ST, FBD, LD, CFC, SFC six PLC programming languages. The GatewayService has an integer overflow. The GatewayService uses the 32-bit value offset at the header 0x0c to specify the size of the received data. The program receives this value, increasing the number of 0x34 and allocating the amount of memory can cause an integer overflow. CmpWebServer is a component of the 3SRTESrv3 and CoDeSysControlService services for handling 8080 port connections. The function 0040f480 copies the input URI to a limited stack buffer, which can trigger a buffer overflow. 3S CoDeSys handles the Content-Length value in an HTTP POST request to trigger a null pointer reference. CoDeSys is prone to a stack-based buffer-overflow and an integer-overflow vulnerability. Failed attacks may cause a denial-of-service condition
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "codesys sp4 patch",
"scope": "eq",
"trust": 3.5,
"vendor": "3s smart",
"version": "3.42"
},
{
"_id": null,
"model": "codesys",
"scope": "lte",
"trust": 1.0,
"vendor": "3ssoftware",
"version": "3.4"
},
{
"_id": null,
"model": "codesys",
"scope": "lte",
"trust": 0.8,
"vendor": "3s smart",
"version": "3.4 sp4 patch 2"
},
{
"_id": null,
"model": null,
"scope": "eq",
"trust": 0.6,
"vendor": "codesys",
"version": "*"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "no",
"version": null
},
{
"_id": null,
"model": "codesys",
"scope": "eq",
"trust": 0.6,
"vendor": "3ssoftware",
"version": "3.4"
},
{
"_id": null,
"model": "codesys",
"scope": "eq",
"trust": 0.3,
"vendor": "3s smart",
"version": "3.4"
},
{
"_id": null,
"model": "codesys",
"scope": "eq",
"trust": 0.3,
"vendor": "3s smart",
"version": "2.3"
},
{
"_id": null,
"model": "codesys",
"scope": "ne",
"trust": 0.3,
"vendor": "3s smart",
"version": "3.5"
},
{
"_id": null,
"model": "codesys",
"scope": "ne",
"trust": 0.3,
"vendor": "3s smart",
"version": "2.3.9.32"
}
],
"sources": [
{
"db": "IVD",
"id": "45e2b734-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "45e91728-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "5b319126-1f7d-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7d2bf0-463f-11e9-bf0d-000c29342cb1"
},
{
"db": "IVD",
"id": "4143b83e-1f7d-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "84af9d86-1f7d-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7e1d2e16-1f7d-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-5591"
},
{
"db": "CNVD",
"id": "CNVD-2011-5128"
},
{
"db": "CNVD",
"id": "CNVD-2011-5125"
},
{
"db": "CNVD",
"id": "CNVD-2011-5126"
},
{
"db": "CNVD",
"id": "CNVD-2011-5127"
},
{
"db": "BID",
"id": "50849"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-447"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003530"
},
{
"db": "NVD",
"id": "CVE-2011-5007"
}
]
},
"configurations": {
"_id": null,
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:codesys:codesys",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-003530"
}
]
},
"credits": {
"_id": null,
"data": "Luigi Auriemma",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201111-501"
}
],
"trust": 0.6
},
"cve": "CVE-2011-5007",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2011-5007",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2011-5591",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "45e2b734-2354-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "45e91728-2354-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "5b319126-1f7d-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "7d7d2bf0-463f-11e9-bf0d-000c29342cb1",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "4143b83e-1f7d-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "84af9d86-1f7d-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "7e1d2e16-1f7d-11e6-abef-000c29c66e3d",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2011-5007",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2011-5007",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2011-5591",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201112-447",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "45e2b734-2354-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "45e91728-2354-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "5b319126-1f7d-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "7d7d2bf0-463f-11e9-bf0d-000c29342cb1",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "4143b83e-1f7d-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "84af9d86-1f7d-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "7e1d2e16-1f7d-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "45e2b734-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "45e91728-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "5b319126-1f7d-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7d2bf0-463f-11e9-bf0d-000c29342cb1"
},
{
"db": "IVD",
"id": "4143b83e-1f7d-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "84af9d86-1f7d-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7e1d2e16-1f7d-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-5591"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-447"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003530"
},
{
"db": "NVD",
"id": "CVE-2011-5007"
}
]
},
"description": {
"_id": null,
"data": "Stack-based buffer overflow in the CmpWebServer component in 3S CoDeSys 3.4 SP4 Patch 2 and earlier, as used on the ABB AC500 PLC and possibly other products, allows remote attackers to execute arbitrary code via a long URI to TCP port 8080. CoDeSys is a powerful PLC software programming tool that supports IEC61131-3 standard IL, ST, FBD, LD, CFC, SFC six PLC programming languages. The GatewayService has an integer overflow. The GatewayService uses the 32-bit value offset at the header 0x0c to specify the size of the received data. The program receives this value, increasing the number of 0x34 and allocating the amount of memory can cause an integer overflow. CmpWebServer is a component of the 3SRTESrv3 and CoDeSysControlService services for handling 8080 port connections. The function 0040f480 copies the input URI to a limited stack buffer, which can trigger a buffer overflow. 3S CoDeSys handles the Content-Length value in an HTTP POST request to trigger a null pointer reference. CoDeSys is prone to a stack-based buffer-overflow and an integer-overflow vulnerability. Failed attacks may cause a denial-of-service condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-5007"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003530"
},
{
"db": "CNVD",
"id": "CNVD-2011-5591"
},
{
"db": "CNVD",
"id": "CNVD-2011-5128"
},
{
"db": "CNVD",
"id": "CNVD-2011-5125"
},
{
"db": "CNVD",
"id": "CNVD-2011-5126"
},
{
"db": "CNVD",
"id": "CNVD-2011-5127"
},
{
"db": "BID",
"id": "50849"
},
{
"db": "IVD",
"id": "45e2b734-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "45e91728-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "5b319126-1f7d-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7d2bf0-463f-11e9-bf0d-000c29342cb1"
},
{
"db": "IVD",
"id": "4143b83e-1f7d-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "84af9d86-1f7d-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7e1d2e16-1f7d-11e6-abef-000c29c66e3d"
}
],
"trust": 5.85
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2011-5007",
"trust": 4.7
},
{
"db": "BID",
"id": "50849",
"trust": 3.3
},
{
"db": "ICS CERT ALERT",
"id": "ICS-ALERT-11-336-01A",
"trust": 2.4
},
{
"db": "OSVDB",
"id": "77387",
"trust": 2.2
},
{
"db": "CNNVD",
"id": "CNNVD-201112-447",
"trust": 2.0
},
{
"db": "EXPLOIT-DB",
"id": "18187",
"trust": 1.6
},
{
"db": "ICS CERT ALERT",
"id": "ICS-ALERT-11-336-01",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "47018",
"trust": 1.6
},
{
"db": "CNVD",
"id": "CNVD-2011-5591",
"trust": 1.2
},
{
"db": "ICS CERT",
"id": "ICSA-12-320-01",
"trust": 1.0
},
{
"db": "CNVD",
"id": "CNVD-2011-5128",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2011-5125",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2011-5127",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2011-5126",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003530",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201111-501",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20111129 VULNERABILITIES IN 3S CODESYS 3.4 SP4 PATCH 2",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-12-006-01",
"trust": 0.3
},
{
"db": "IVD",
"id": "45E2B734-2354-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "45E91728-2354-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "5B319126-1F7D-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "7D7D2BF0-463F-11E9-BF0D-000C29342CB1",
"trust": 0.2
},
{
"db": "IVD",
"id": "4143B83E-1F7D-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "84AF9D86-1F7D-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "IVD",
"id": "7E1D2E16-1F7D-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "45e2b734-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "45e91728-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "5b319126-1f7d-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7d2bf0-463f-11e9-bf0d-000c29342cb1"
},
{
"db": "IVD",
"id": "4143b83e-1f7d-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "84af9d86-1f7d-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7e1d2e16-1f7d-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-5591"
},
{
"db": "CNVD",
"id": "CNVD-2011-5128"
},
{
"db": "CNVD",
"id": "CNVD-2011-5125"
},
{
"db": "CNVD",
"id": "CNVD-2011-5126"
},
{
"db": "CNVD",
"id": "CNVD-2011-5127"
},
{
"db": "BID",
"id": "50849"
},
{
"db": "CNNVD",
"id": "CNNVD-201111-501"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-447"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003530"
},
{
"db": "NVD",
"id": "CVE-2011-5007"
}
]
},
"id": "VAR-201112-0097",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "IVD",
"id": "45e2b734-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "45e91728-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "5b319126-1f7d-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7d2bf0-463f-11e9-bf0d-000c29342cb1"
},
{
"db": "IVD",
"id": "4143b83e-1f7d-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "84af9d86-1f7d-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7e1d2e16-1f7d-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-5591"
},
{
"db": "CNVD",
"id": "CNVD-2011-5128"
},
{
"db": "CNVD",
"id": "CNVD-2011-5125"
},
{
"db": "CNVD",
"id": "CNVD-2011-5126"
},
{
"db": "CNVD",
"id": "CNVD-2011-5127"
}
],
"trust": 5.12310607
},
"iot_taxonomy": {
"_id": null,
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 4.4
}
],
"sources": [
{
"db": "IVD",
"id": "45e2b734-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "45e91728-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "5b319126-1f7d-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7d2bf0-463f-11e9-bf0d-000c29342cb1"
},
{
"db": "IVD",
"id": "4143b83e-1f7d-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "84af9d86-1f7d-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7e1d2e16-1f7d-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-5591"
},
{
"db": "CNVD",
"id": "CNVD-2011-5128"
},
{
"db": "CNVD",
"id": "CNVD-2011-5125"
},
{
"db": "CNVD",
"id": "CNVD-2011-5126"
},
{
"db": "CNVD",
"id": "CNVD-2011-5127"
}
]
},
"last_update_date": "2026-04-10T23:46:00.136000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.3s-software.com/"
},
{
"title": "3S CoDeSys CmpWebServer component buffer overflow vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/37428"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-5591"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003530"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-003530"
},
{
"db": "NVD",
"id": "CVE-2011-5007"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 4.3,
"url": "http://aluigi.altervista.org/adv/codesys_1-adv.txt"
},
{
"trust": 2.4,
"url": "http://www.us-cert.gov/control_systems/pdf/ics-alert-11-336-01a.pdf"
},
{
"trust": 2.2,
"url": "http://osvdb.org/77387"
},
{
"trust": 1.6,
"url": "http://www.us-cert.gov/control_systems/pdf/ics-alert-11-336-01.pdf"
},
{
"trust": 1.6,
"url": "http://www.exploit-db.com/exploits/18187"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/47018"
},
{
"trust": 1.6,
"url": "http://seclists.org/bugtraq/2011/nov/178"
},
{
"trust": 1.0,
"url": "http://ics-cert.us-cert.gov/advisories/icsa-12-320-01"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-5007"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-5007"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/50849"
},
{
"trust": 0.3,
"url": "http://www.3s-software.com/index.shtml?en_codesysv3_en"
},
{
"trust": 0.3,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-006-01.pdf"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-5591"
},
{
"db": "CNVD",
"id": "CNVD-2011-5128"
},
{
"db": "CNVD",
"id": "CNVD-2011-5125"
},
{
"db": "CNVD",
"id": "CNVD-2011-5126"
},
{
"db": "CNVD",
"id": "CNVD-2011-5127"
},
{
"db": "BID",
"id": "50849"
},
{
"db": "CNNVD",
"id": "CNNVD-201111-501"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-447"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003530"
},
{
"db": "NVD",
"id": "CVE-2011-5007"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "IVD",
"id": "45e2b734-2354-11e6-abef-000c29c66e3d",
"ident": null
},
{
"db": "IVD",
"id": "45e91728-2354-11e6-abef-000c29c66e3d",
"ident": null
},
{
"db": "IVD",
"id": "5b319126-1f7d-11e6-abef-000c29c66e3d",
"ident": null
},
{
"db": "IVD",
"id": "7d7d2bf0-463f-11e9-bf0d-000c29342cb1",
"ident": null
},
{
"db": "IVD",
"id": "4143b83e-1f7d-11e6-abef-000c29c66e3d",
"ident": null
},
{
"db": "IVD",
"id": "84af9d86-1f7d-11e6-abef-000c29c66e3d",
"ident": null
},
{
"db": "IVD",
"id": "7e1d2e16-1f7d-11e6-abef-000c29c66e3d",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2011-5591",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2011-5128",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2011-5125",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2011-5126",
"ident": null
},
{
"db": "CNVD",
"id": "CNVD-2011-5127",
"ident": null
},
{
"db": "BID",
"id": "50849",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201111-501",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201112-447",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003530",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2011-5007",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2011-12-26T00:00:00",
"db": "IVD",
"id": "45e2b734-2354-11e6-abef-000c29c66e3d",
"ident": null
},
{
"date": "2011-12-26T00:00:00",
"db": "IVD",
"id": "45e91728-2354-11e6-abef-000c29c66e3d",
"ident": null
},
{
"date": "2011-12-05T00:00:00",
"db": "IVD",
"id": "5b319126-1f7d-11e6-abef-000c29c66e3d",
"ident": null
},
{
"date": "2011-12-26T00:00:00",
"db": "IVD",
"id": "7d7d2bf0-463f-11e9-bf0d-000c29342cb1",
"ident": null
},
{
"date": "2011-12-05T00:00:00",
"db": "IVD",
"id": "4143b83e-1f7d-11e6-abef-000c29c66e3d",
"ident": null
},
{
"date": "2011-12-05T00:00:00",
"db": "IVD",
"id": "84af9d86-1f7d-11e6-abef-000c29c66e3d",
"ident": null
},
{
"date": "2011-12-05T00:00:00",
"db": "IVD",
"id": "7e1d2e16-1f7d-11e6-abef-000c29c66e3d",
"ident": null
},
{
"date": "2011-12-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-5591",
"ident": null
},
{
"date": "2011-12-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-5128",
"ident": null
},
{
"date": "2011-12-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-5125",
"ident": null
},
{
"date": "2011-12-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-5126",
"ident": null
},
{
"date": "2011-12-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-5127",
"ident": null
},
{
"date": "2011-11-29T00:00:00",
"db": "BID",
"id": "50849",
"ident": null
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201111-501",
"ident": null
},
{
"date": "2011-12-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201112-447",
"ident": null
},
{
"date": "2011-12-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-003530",
"ident": null
},
{
"date": "2011-12-25T01:55:04.647000",
"db": "NVD",
"id": "CVE-2011-5007",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2011-12-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-5591",
"ident": null
},
{
"date": "2011-12-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-5128",
"ident": null
},
{
"date": "2011-12-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-5125",
"ident": null
},
{
"date": "2011-12-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-5126",
"ident": null
},
{
"date": "2011-12-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-5127",
"ident": null
},
{
"date": "2012-11-15T23:10:00",
"db": "BID",
"id": "50849",
"ident": null
},
{
"date": "2011-12-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201111-501",
"ident": null
},
{
"date": "2011-12-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201112-447",
"ident": null
},
{
"date": "2011-12-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-003530",
"ident": null
},
{
"date": "2025-04-11T00:51:21.963000",
"db": "NVD",
"id": "CVE-2011-5007",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201111-501"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-447"
}
],
"trust": 1.2
},
"title": {
"_id": null,
"data": "3S CoDeSys CmpWebServer Component Buffer Overflow Vulnerability",
"sources": [
{
"db": "IVD",
"id": "45e2b734-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "45e91728-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7d2bf0-463f-11e9-bf0d-000c29342cb1"
},
{
"db": "CNVD",
"id": "CNVD-2011-5591"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-447"
}
],
"trust": 1.8
},
"type": {
"_id": null,
"data": "Buffer overflow",
"sources": [
{
"db": "IVD",
"id": "45e2b734-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "45e91728-2354-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "5b319126-1f7d-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7d7d2bf0-463f-11e9-bf0d-000c29342cb1"
},
{
"db": "IVD",
"id": "4143b83e-1f7d-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "84af9d86-1f7d-11e6-abef-000c29c66e3d"
},
{
"db": "IVD",
"id": "7e1d2e16-1f7d-11e6-abef-000c29c66e3d"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-447"
}
],
"trust": 2.0
}
}
VAR-202204-1264
Vulnerability from variot - Updated: 2025-10-04 22:44An authenticated remote attacker can cause a null pointer dereference in the CmpSettings component of the affected CODESYS products which leads to a crash. CODESYS Control for BeagleBone SL , control for beckhoff cx9020 , CODESYS Control for emPC-A/iMX6 SL etc. multiple CODESYS GmbH The product has NULL There is a vulnerability in pointer dereference.Service operation interruption (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202204-1264",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "control win sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.18.0"
},
{
"model": "edge gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "4.5.0.0"
},
{
"model": "control rte sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.18.0"
},
{
"model": "gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.18.0"
},
{
"model": "control for empc-a\\/imx6 sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "4.5.0.0"
},
{
"model": "control for pfc200 sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "4.5.0.0"
},
{
"model": "hmi sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.18.0"
},
{
"model": "control runtime system toolkit",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.18.0"
},
{
"model": "control for beaglebone sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "4.5.0.0"
},
{
"model": "control for raspberry pi sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "4.5.0.0"
},
{
"model": "control for linux sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "4.5.0.0"
},
{
"model": "control rte sl \\",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.18.0"
},
{
"model": "control for iot2000 sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "4.5.0.0"
},
{
"model": "control for wago touch panels 600 sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "4.5.0.0"
},
{
"model": "embedded target visu toolkit",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.18.0"
},
{
"model": "control for pfc100 sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "4.5.0.0"
},
{
"model": "control for plcnext sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "4.5.0.0"
},
{
"model": "control for beckhoff cx9020",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "4.5.0.0"
},
{
"model": "edge gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.18.0"
},
{
"model": "development system",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.18.0"
},
{
"model": "remote target visu toolkit",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.18.0"
},
{
"model": "control for empc-a/imx6 sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control for plcnext sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control win sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control rte v3",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "gateway",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control for beckhoff cx9020",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control runtime system toolkit",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control rte sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "embedded target visu toolkit",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "development system",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control for raspberry pi sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control for beaglebone sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "hmi sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "edge gateway",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control for pfc200 sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control for linux sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control for iot2000 sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control for pfc100 sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control for wago touch panels 600 sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-007941"
},
{
"db": "NVD",
"id": "CVE-2022-22513"
}
]
},
"cve": "CVE-2022-22513",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CVE-2022-22513",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "VHN-411082",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:S/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2022-22513",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2022-22513",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2022-22513",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "info@cert.vde.com",
"id": "CVE-2022-22513",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2022-22513",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202204-2623",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-411082",
"trust": 0.1,
"value": "LOW"
},
{
"author": "VULMON",
"id": "CVE-2022-22513",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-411082"
},
{
"db": "VULMON",
"id": "CVE-2022-22513"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-2623"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-007941"
},
{
"db": "NVD",
"id": "CVE-2022-22513"
},
{
"db": "NVD",
"id": "CVE-2022-22513"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An authenticated remote attacker can cause a null pointer dereference in the CmpSettings component of the affected CODESYS products which leads to a crash. CODESYS Control for BeagleBone SL , control for beckhoff cx9020 , CODESYS Control for emPC-A/iMX6 SL etc. multiple CODESYS GmbH The product has NULL There is a vulnerability in pointer dereference.Service operation interruption (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-22513"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-007941"
},
{
"db": "VULHUB",
"id": "VHN-411082"
},
{
"db": "VULMON",
"id": "CVE-2022-22513"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-22513",
"trust": 3.4
},
{
"db": "JVN",
"id": "JVNVU90492166",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-25-273-04",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-007941",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202204-2623",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-411082",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2022-22513",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-411082"
},
{
"db": "VULMON",
"id": "CVE-2022-22513"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-2623"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-007941"
},
{
"db": "NVD",
"id": "CVE-2022-22513"
}
]
},
"id": "VAR-202204-1264",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-411082"
}
],
"trust": 0.01
},
"last_update_date": "2025-10-04T22:44:28.756000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CODESYS Fixes for code issue vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=189579"
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/AlphabugX/CVE-2022-23305 "
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/AlphabugX/CVE-2022-RCE "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-22513"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-2623"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-476",
"trust": 1.1
},
{
"problemtype": "NULL Pointer dereference (CWE-476) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-411082"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-007941"
},
{
"db": "NVD",
"id": "CVE-2022-22513"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://customers.codesys.com/index.php?eid=dumpfile\u0026t=f\u0026f=17093\u0026token=15cd8424832ea10dcd4873a409a09a539ee381ca\u0026download="
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu90492166/index.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22513"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-273-04"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-22513/"
},
{
"trust": 0.1,
"url": "https://customers.codesys.com/index.php?eid=dumpfile\u0026amp;t=f\u0026amp;f=17093\u0026amp;token=15cd8424832ea10dcd4873a409a09a539ee381ca\u0026amp;download="
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/476.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/alphabugx/cve-2022-23305"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-411082"
},
{
"db": "VULMON",
"id": "CVE-2022-22513"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-2623"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-007941"
},
{
"db": "NVD",
"id": "CVE-2022-22513"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-411082"
},
{
"db": "VULMON",
"id": "CVE-2022-22513"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-2623"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-007941"
},
{
"db": "NVD",
"id": "CVE-2022-22513"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-04-07T00:00:00",
"db": "VULHUB",
"id": "VHN-411082"
},
{
"date": "2022-04-07T00:00:00",
"db": "VULMON",
"id": "CVE-2022-22513"
},
{
"date": "2022-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202204-2623"
},
{
"date": "2023-07-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-007941"
},
{
"date": "2022-04-07T19:15:08.073000",
"db": "NVD",
"id": "CVE-2022-22513"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-05-10T00:00:00",
"db": "VULHUB",
"id": "VHN-411082"
},
{
"date": "2022-05-10T00:00:00",
"db": "VULMON",
"id": "CVE-2022-22513"
},
{
"date": "2022-04-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202204-2623"
},
{
"date": "2025-10-02T08:49:00",
"db": "JVNDB",
"id": "JVNDB-2022-007941"
},
{
"date": "2024-11-21T06:46:55.900000",
"db": "NVD",
"id": "CVE-2022-22513"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202204-2623"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0CODESYS\u00a0GmbH\u00a0 In the product \u00a0NULL\u00a0 Pointer dereference vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-007941"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202204-2623"
}
],
"trust": 0.6
}
}
VAR-202204-0725
Vulnerability from variot - Updated: 2025-10-04 22:43An authenticated, remote attacker can gain access to a dereferenced pointer contained in a request. The accesses can subsequently lead to local overwriting of memory in the CmpTraceMgr, whereby the attacker can neither gain the values read internally nor control the values to be written. If invalid memory is accessed, this results in a crash. CODESYS Control for BeagleBone SL , control for beckhoff cx9020 , CODESYS Control for emPC-A/iMX6 SL etc. multiple CODESYS GmbH The product contains an unreliable pointer dereference vulnerability.Information is tampered with and service operation is interrupted (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202204-0725",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "control win sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.18.0"
},
{
"model": "edge gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "4.5.0.0"
},
{
"model": "control rte sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.18.0"
},
{
"model": "gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.18.0"
},
{
"model": "control for empc-a\\/imx6 sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "4.5.0.0"
},
{
"model": "control for pfc200 sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "4.5.0.0"
},
{
"model": "hmi sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.18.0"
},
{
"model": "development system",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.0"
},
{
"model": "control runtime system toolkit",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.18.0"
},
{
"model": "control for beaglebone sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "4.5.0.0"
},
{
"model": "control for raspberry pi sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "4.5.0.0"
},
{
"model": "control for linux sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "4.5.0.0"
},
{
"model": "control rte sl \\",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.18.0"
},
{
"model": "control for iot2000 sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "4.5.0.0"
},
{
"model": "control for wago touch panels 600 sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "4.5.0.0"
},
{
"model": "embedded target visu toolkit",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.18.0"
},
{
"model": "control for pfc100 sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "4.5.0.0"
},
{
"model": "control for plcnext sl",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "4.5.0.0"
},
{
"model": "control for beckhoff cx9020",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "4.5.0.0"
},
{
"model": "edge gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.18.0"
},
{
"model": "development system",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.18.0"
},
{
"model": "remote target visu toolkit",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.18.0"
},
{
"model": "control for empc-a/imx6 sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control for plcnext sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control win sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control rte v3",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "gateway",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control for beckhoff cx9020",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control runtime system toolkit",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control rte sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "embedded target visu toolkit",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "development system",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control for raspberry pi sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control for beaglebone sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "hmi sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "edge gateway",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control for pfc200 sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control for linux sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control for iot2000 sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control for pfc100 sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control for wago touch panels 600 sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-008142"
},
{
"db": "NVD",
"id": "CVE-2022-22514"
}
]
},
"cve": "CVE-2022-22514",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CVE-2022-22514",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "VHN-411083",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:S/C:N/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2022-22514",
"impactScore": 4.2,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.1,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2022-22514",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2022-22514",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "info@cert.vde.com",
"id": "CVE-2022-22514",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2022-22514",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202204-2621",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-411083",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2022-22514",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-411083"
},
{
"db": "VULMON",
"id": "CVE-2022-22514"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-2621"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-008142"
},
{
"db": "NVD",
"id": "CVE-2022-22514"
},
{
"db": "NVD",
"id": "CVE-2022-22514"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An authenticated, remote attacker can gain access to a dereferenced pointer contained in a request. The accesses can subsequently lead to local overwriting of memory in the CmpTraceMgr, whereby the attacker can neither gain the values read internally nor control the values to be written. If invalid memory is accessed, this results in a crash. CODESYS Control for BeagleBone SL , control for beckhoff cx9020 , CODESYS Control for emPC-A/iMX6 SL etc. multiple CODESYS GmbH The product contains an unreliable pointer dereference vulnerability.Information is tampered with and service operation is interrupted (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-22514"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-008142"
},
{
"db": "VULHUB",
"id": "VHN-411083"
},
{
"db": "VULMON",
"id": "CVE-2022-22514"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-22514",
"trust": 3.4
},
{
"db": "JVN",
"id": "JVNVU90492166",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-25-273-04",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-008142",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202204-2621",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-411083",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2022-22514",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-411083"
},
{
"db": "VULMON",
"id": "CVE-2022-22514"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-2621"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-008142"
},
{
"db": "NVD",
"id": "CVE-2022-22514"
}
]
},
"id": "VAR-202204-0725",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-411083"
}
],
"trust": 0.01
},
"last_update_date": "2025-10-04T22:43:24.178000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CODESYS Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=189800"
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/AlphabugX/CVE-2022-23305 "
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/AlphabugX/CVE-2022-RCE "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2022-22514"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-2621"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-822",
"trust": 1.1
},
{
"problemtype": "CWE-119",
"trust": 1.0
},
{
"problemtype": "unreliable pointer dereference (CWE-822) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-411083"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-008142"
},
{
"db": "NVD",
"id": "CVE-2022-22514"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://customers.codesys.com/index.php?eid=dumpfile\u0026t=f\u0026f=17093\u0026token=15cd8424832ea10dcd4873a409a09a539ee381ca\u0026download="
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu90492166/index.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22514"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-273-04"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-22514/"
},
{
"trust": 0.1,
"url": "https://customers.codesys.com/index.php?eid=dumpfile\u0026amp;t=f\u0026amp;f=17093\u0026amp;token=15cd8424832ea10dcd4873a409a09a539ee381ca\u0026amp;download="
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/822.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/alphabugx/cve-2022-23305"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-411083"
},
{
"db": "VULMON",
"id": "CVE-2022-22514"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-2621"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-008142"
},
{
"db": "NVD",
"id": "CVE-2022-22514"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-411083"
},
{
"db": "VULMON",
"id": "CVE-2022-22514"
},
{
"db": "CNNVD",
"id": "CNNVD-202204-2621"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-008142"
},
{
"db": "NVD",
"id": "CVE-2022-22514"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-04-07T00:00:00",
"db": "VULHUB",
"id": "VHN-411083"
},
{
"date": "2022-04-07T00:00:00",
"db": "VULMON",
"id": "CVE-2022-22514"
},
{
"date": "2022-04-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202204-2621"
},
{
"date": "2023-07-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-008142"
},
{
"date": "2022-04-07T19:15:08.133000",
"db": "NVD",
"id": "CVE-2022-22514"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-05-10T00:00:00",
"db": "VULHUB",
"id": "VHN-411083"
},
{
"date": "2022-05-10T00:00:00",
"db": "VULMON",
"id": "CVE-2022-22514"
},
{
"date": "2022-04-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202204-2621"
},
{
"date": "2025-10-02T08:47:00",
"db": "JVNDB",
"id": "JVNDB-2022-008142"
},
{
"date": "2024-11-21T06:46:56.033000",
"db": "NVD",
"id": "CVE-2022-22514"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202204-2621"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0CODESYS\u00a0GmbH\u00a0 Product Untrusted Pointer Dereference Vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-008142"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202204-2621"
}
],
"trust": 0.6
}
}
VAR-201909-0996
Vulnerability from variot - Updated: 2025-10-04 22:17CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which may allow access to files outside the restricted working directory of the controller. CODESYS V3 web The server contains a path traversal vulnerability.Information may be obtained
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201909-0996",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "control for empc-a\\/imx6",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.10"
},
{
"model": "control rte",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.12.80"
},
{
"model": "hmi",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.10"
},
{
"model": "control for raspberry pi",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.10"
},
{
"model": "control rte",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.13.0"
},
{
"model": "control for pfc100",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.10"
},
{
"model": "control win",
"scope": "lte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.12.80"
},
{
"model": "control win",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.10"
},
{
"model": "control runtime system toolkit",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.0"
},
{
"model": "embedded target visu toolkit",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.12.80"
},
{
"model": "control win",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.9.80"
},
{
"model": "hmi",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.10.0"
},
{
"model": "hmi",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.12.80"
},
{
"model": "remote target visu toolkit",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.12.80"
},
{
"model": "embedded target visu toolkit",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.0"
},
{
"model": "hmi",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.13.0"
},
{
"model": "control for iot2000",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.10"
},
{
"model": "control for beaglebone",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.10"
},
{
"model": "control for pfc200",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.10"
},
{
"model": "control rte",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.10"
},
{
"model": "remote target visu toolkit",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.0"
},
{
"model": "control runtime system toolkit",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.12.80"
},
{
"model": "control rte",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.8.60"
},
{
"model": "control win",
"scope": "gte",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.13.0"
},
{
"model": "control for linux",
"scope": "lt",
"trust": 1.0,
"vendor": "codesys",
"version": "3.5.14.10"
},
{
"model": "control runtime system toolkit",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control for empc-a/imx6 sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control for raspberry pi sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control win sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control for pfc200 sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control for linux sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control for beaglebone sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control for iot2000 sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control for pfc100 sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "control rte sl",
"scope": null,
"trust": 0.8,
"vendor": "codesys",
"version": null
},
{
"model": "software solutions codesys web server",
"scope": "eq",
"trust": 0.6,
"vendor": "3s smart",
"version": "v3\u003c3.5.14.10"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "control rte",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "control win",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.4,
"vendor": "hmi",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "control for beaglebone",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "control for empc a imx6",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "control for iot2000",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "control for linux",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "control for pfc100",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "control for pfc200",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "control for raspberry pi",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "control runtime system toolkit",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "embedded target visu toolkit",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "remote target visu toolkit",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "f4634c88-ffbb-41d2-9de5-4c49df63339a"
},
{
"db": "CNVD",
"id": "CNVD-2019-32463"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009414"
},
{
"db": "NVD",
"id": "CVE-2019-13532"
}
]
},
"cve": "CVE-2019-13532",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2019-13532",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-32463",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "f4634c88-ffbb-41d2-9de5-4c49df63339a",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-13532",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-13532",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-13532",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-13532",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2019-32463",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201909-657",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "f4634c88-ffbb-41d2-9de5-4c49df63339a",
"trust": 0.2,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "f4634c88-ffbb-41d2-9de5-4c49df63339a"
},
{
"db": "CNVD",
"id": "CNVD-2019-32463"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-657"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009414"
},
{
"db": "NVD",
"id": "CVE-2019-13532"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which may allow access to files outside the restricted working directory of the controller. CODESYS V3 web The server contains a path traversal vulnerability.Information may be obtained",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-13532"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009414"
},
{
"db": "CNVD",
"id": "CNVD-2019-32463"
},
{
"db": "IVD",
"id": "f4634c88-ffbb-41d2-9de5-4c49df63339a"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-13532",
"trust": 4.0
},
{
"db": "ICS CERT",
"id": "ICSA-19-255-01",
"trust": 2.4
},
{
"db": "AUSCERT",
"id": "ESB-2019.3487",
"trust": 1.2
},
{
"db": "CNVD",
"id": "CNVD-2019-32463",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201909-657",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU90492166",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-25-273-04",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009414",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-19-255-04",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-19-255-03",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-19-255-05",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-19-255-02",
"trust": 0.6
},
{
"db": "IVD",
"id": "F4634C88-FFBB-41D2-9DE5-4C49DF63339A",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "f4634c88-ffbb-41d2-9de5-4c49df63339a"
},
{
"db": "CNVD",
"id": "CNVD-2019-32463"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-657"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009414"
},
{
"db": "NVD",
"id": "CVE-2019-13532"
}
]
},
"id": "VAR-201909-0996",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "f4634c88-ffbb-41d2-9de5-4c49df63339a"
},
{
"db": "CNVD",
"id": "CNVD-2019-32463"
}
],
"trust": 1.8
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "f4634c88-ffbb-41d2-9de5-4c49df63339a"
},
{
"db": "CNVD",
"id": "CNVD-2019-32463"
}
]
},
"last_update_date": "2025-10-04T22:17:26.762000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top\u00a0Page",
"trust": 0.8,
"url": "https://www.codesys.com/"
},
{
"title": "3S-Smart Software Solutions CODESYS V3 web server path traversal vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/181469"
},
{
"title": "CODESYS V3 web server Repair measures for path traversal vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=98231"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-32463"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-657"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009414"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.0
},
{
"problemtype": "Path traversal (CWE-22) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-009414"
},
{
"db": "NVD",
"id": "CVE-2019-13532"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-255-01"
},
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13532"
},
{
"trust": 1.2,
"url": "https://www.auscert.org.au/bulletins/esb-2019.3487/"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu90492166/index.html"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-273-04"
},
{
"trust": 0.6,
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-255-05"
},
{
"trust": 0.6,
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-255-04"
},
{
"trust": 0.6,
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-255-03"
},
{
"trust": 0.6,
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-255-02"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-32463"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-657"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009414"
},
{
"db": "NVD",
"id": "CVE-2019-13532"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "f4634c88-ffbb-41d2-9de5-4c49df63339a"
},
{
"db": "CNVD",
"id": "CNVD-2019-32463"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-657"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009414"
},
{
"db": "NVD",
"id": "CVE-2019-13532"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-09-21T00:00:00",
"db": "IVD",
"id": "f4634c88-ffbb-41d2-9de5-4c49df63339a"
},
{
"date": "2019-09-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-32463"
},
{
"date": "2019-09-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201909-657"
},
{
"date": "2019-09-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-009414"
},
{
"date": "2019-09-13T17:15:11.617000",
"db": "NVD",
"id": "CVE-2019-13532"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-09-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-32463"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201909-657"
},
{
"date": "2025-10-02T08:39:00",
"db": "JVNDB",
"id": "JVNDB-2019-009414"
},
{
"date": "2024-11-21T04:25:05.470000",
"db": "NVD",
"id": "CVE-2019-13532"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201909-657"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "3S-Smart Software Solutions CODESYS V3 web server Path traversal vulnerability",
"sources": [
{
"db": "IVD",
"id": "f4634c88-ffbb-41d2-9de5-4c49df63339a"
},
{
"db": "CNVD",
"id": "CNVD-2019-32463"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-657"
}
],
"trust": 1.4
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Path traversal",
"sources": [
{
"db": "IVD",
"id": "f4634c88-ffbb-41d2-9de5-4c49df63339a"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-657"
}
],
"trust": 0.8
}
}