CVE-2024-8175
published 2024-09-25CVE-2024-8175: An unauthenticated remote attacker can causes the CODESYS web server to access invalid memory which results in a DoS.
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
An unauthenticated remote attacker can causes the CODESYS web server to access invalid memory which results in a DoS.
Affected
18 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| codesys | codesys_control_for_beaglebone_sl | < 4.14.0.0 | 4.14.0.0 |
| codesys | codesys_control_for_empc-a_imx6_sl | < 4.14.0.0 | 4.14.0.0 |
| codesys | codesys_control_for_iot2000_sl | < 4.14.0.0 | 4.14.0.0 |
| codesys | codesys_control_for_linux_arm_sl | < 4.14.0.0 | 4.14.0.0 |
| codesys | codesys_control_for_linux_sl | < 4.14.0.0 | 4.14.0.0 |
| codesys | codesys_control_for_pfc100_sl | < 4.14.0.0 | 4.14.0.0 |
| codesys | codesys_control_for_pfc200_sl | < 4.14.0.0 | 4.14.0.0 |
| codesys | codesys_control_for_plcnext_sl | < 4.14.0.0 | 4.14.0.0 |
| codesys | codesys_control_for_raspberry_pi_sl | < 4.14.0.0 | 4.14.0.0 |
| codesys | codesys_control_for_wago_touch_panels_600_sl | < 4.14.0.0 | 4.14.0.0 |
| codesys | codesys_control_rte | < 3.5.20.30 | 3.5.20.30 |
| codesys | codesys_control_rte_sl | < 3.5.20.30 | 3.5.20.30 |
| codesys | codesys_control_win | < 3.5.20.30 | 3.5.20.30 |
| codesys | codesys_embedded_target_visu_toolkit | < 3.5.20.30 | 3.5.20.30 |
| codesys | codesys_hmi | < 3.5.20.30 | 3.5.20.30 |
| codesys | codesys_remote_target_visu_toolkit | < 3.5.20.30 | 3.5.20.30 |
| codesys | codesys_runtime_toolkit | < 3.5.20.30 | 3.5.20.30 |
| codesys | codesys_virtual_control_sl | < 4.14.0.0 | 4.14.0.0 |