Codesys Runtime System Toolkit vulnerabilities
3 known vulnerabilities affecting codesys/runtime_system_toolkit.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2018-25048HIGHCVSS 8.8≥ 2.0.0.0, < 2.4.7.52v3.5.15.02023-03-23
CVE-2018-25048 [HIGH] CWE-22 CVE-2018-25048: The CODESYS runtime system in multiple versions allows an remote low privileged attacker to use a pa
The CODESYS runtime system in multiple versions allows an remote low privileged attacker to use a path traversal vulnerability to access and modify all system files as well as DoS the device.
nvd
CVE-2019-9009HIGHCVSS 7.5fixed in 3.5.15.02019-09-17
CVE-2019-9009 [HIGH] CWE-755 CVE-2019-9009: An issue was discovered in 3S-Smart CODESYS before 3.5.15.0 . Crafted network packets cause the Cont
An issue was discovered in 3S-Smart CODESYS before 3.5.15.0 . Crafted network packets cause the Control Runtime to crash.
nvd
CVE-2019-13542MEDIUMCVSS 6.5≥ 3.5.11.0, < 3.5.15.02019-09-17
CVE-2019-13542 [MEDIUM] CWE-476 CVE-2019-13542: 3S-Smart Software Solutions GmbH CODESYS V3 OPC UA Server, all versions 3.5.11.0 to 3.5.15.0, allows
3S-Smart Software Solutions GmbH CODESYS V3 OPC UA Server, all versions 3.5.11.0 to 3.5.15.0, allows an attacker to send crafted requests from a trusted OPC UA client that cause a NULL pointer dereference, which may trigger a denial-of-service condition.
nvd