CVE-2020-10245

CWE-787Out-of-bounds Write3 documents3 sources
Severity
9.8CRITICAL
EPSS
1.1%
top 22.43%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
14
Codesys Control FOR BeagleboneCodesys Control FOR Empc-a\/imx6Codesys Control FOR Iot2000+11 more
Timeline
PublishedMar 26
Latest updateMay 24

Description

CODESYS V3 web server before 3.5.15.40, as used in CODESYS Control runtime systems, has a buffer overflow.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages7 packages

NVDcodesys/control< 3.5.15.40
NVDcodesys/control_rte3.5.8.603.5.15.40
NVDcodesys/control_win3.5.9.803.5.15.40
NVDcodesys/hmi3.5.10.03.5.15.40

🔴Vulnerability Details

2
GHSA
GHSA-566c-75hw-w2q2: CODESYS V3 web server before 32022-05-24
CVEList
CVE-2020-10245: CODESYS V3 web server before 32020-03-26
CVE-2020-10245 (CRITICAL CVSS 9.8) | CODESYS V3 web server before 3.5.15 | cvebase.io