CVE-2021-34596
published 2021-10-26CVE-2021-34596: A crafted request may cause a read access to an uninitialized pointer in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56…
medium6.5CVSS 3.1
AVNACLPRLUINSUCNINAH
A crafted request may cause a read access to an uninitialized pointer in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition.
Affected
32 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| codesys | codesys | < 1.1.9.22 | 1.1.9.22 |
| codesys | codesys_v2 | >= PLCWinNT < V2.4.7.56 | V2.4.7.56 |
| codesys | codesys_v2 | >= Runtime Toolkit 32 bit full < V2.4.7.56 | V2.4.7.56 |
| codesys | plcwinnt | < 2.4.7.56 | 2.4.7.56 |
| codesys | runtime_toolkit | < 2.4.7.56 | 2.4.7.56 |
| wago | 750-8202_firmware | < fw20 | fw20 |
| wago | 750-8203_firmware | < fw20 | fw20 |
| wago | 750-8204_firmware | < fw20 | fw20 |
| wago | 750-8206_firmware | < fw20 | fw20 |
| wago | 750-8207_firmware | < fw20 | fw20 |
| wago | 750-8208_firmware | < fw20 | fw20 |
| wago | 750-8210_firmware | < fw20 | fw20 |
| wago | 750-8211_firmware | < fw20 | fw20 |
| wago | 750-8212_firmware | < fw20 | fw20 |
| wago | 750-8213_firmware | < fw20 | fw20 |
| wago | 750-8214_firmware | < fw20 | fw20 |
| wago | 750-8216_firmware | < fw20 | fw20 |
| wago | 750-8217_firmware | < fw20 | fw20 |
| wago | 750-823_firmware | < fw10 | fw10 |
| wago | 750-829_firmware | < fw17 | fw17 |
| wago | 750-831_firmware | < fw17 | fw17 |
| wago | 750-832_firmware | < fw10 | fw10 |
| wago | 750-852_firmware | < fw17 | fw17 |
| wago | 750-862_firmware | < fw10 | fw10 |
| wago | 750-880_firmware | < fw17 | fw17 |