CVE-2019-18858

Severity

9.8CRITICAL

EPSS

0.4%

top 38.72%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedNov 20

Latest updateMay 24

Description

CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runtime systems, has a Buffer Overflow.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

▶NVDcodesys/control< 3.5.15.20

▶NVDcodesys/hmi< 3.5.15.20

GHSA

GHSA-v33j-h2wh-c582: CODESYS 3 web server before 3↗2022-05-24

▶

CVEList

CVE-2019-18858: CODESYS 3 web server before 3↗2019-11-20

▶