Show filters
4 Total Results
Displaying 1-4 of 4
Sort by:
Attacker Value
Unknown

CVE-2024-8175

Disclosure Date: September 25, 2024 (last updated January 05, 2025)
An unauthenticated remote attacker can causes the CODESYS web server to access invalid memory which results in a DoS.
0
0
Attacker Value
Unknown

CVE-2024-5000

Disclosure Date: June 04, 2024 (last updated June 04, 2024)
An unauthenticated remote attacker can use a malicious OPC UA client to send a crafted request to affected CODESYS products which can cause a DoS due to incorrect calculation of buffer size.
0
0
Attacker Value
Unknown

CVE-2023-6357

Disclosure Date: December 05, 2023 (last updated December 12, 2023)
A low-privileged remote attacker could exploit the vulnerability and inject additional system commands via file system libraries which could give the attacker full control of the device.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-29242

Disclosure Date: May 03, 2021 (last updated February 22, 2025)
CODESYS Control Runtime system before 3.5.17.0 has improper input validation. Attackers can send crafted communication packets to change the router's addressing scheme and may re-route, add, remove or change low level communication packages.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0