Codesys Runtime Toolkit vulnerabilities

25 known vulnerabilities affecting codesys/runtime_toolkit.

Total CVEs: 25
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 16, MEDIUM 8

Vulnerabilities

Page 2 of 2
CVE-2021-30186 | HIGH | CVSS 7.5 | fixed in 2.4.7.55 | 2021-05-25
CVE-2021-30186 [HIGH] CWE-787: CODESYS V2 runtime system SP before 2.4.7.55 has a Heap-based Buffer Overflow.
nvd
CVE-2021-30195 | HIGH | CVSS 7.5 | fixed in 2.4.7.55 | 2021-05-25
CVE-2021-30195 [HIGH] CWE-125: CODESYS V2 runtime system before 2.4.7.55 has Improper Input Validation.
nvd
CVE-2021-30187 | MEDIUM | CVSS 5.3 | fixed in 2.4.7.55 | 2021-05-25
CVE-2021-30187 [MEDIUM] CWE-78: CODESYS V2 runtime system SP before 2.4.7.55 has Improper Neutralization of Special Elements used in an OS Command.
nvd
CVE-2019-19789 | MEDIUM | CVSS 6.5 | fixed in 2.4.7.54 | 2019-12-20
CVE-2019-19789 [MEDIUM] CWE-476: 3S-Smart CODESYS SP Realtime NT before V2.3.7.28, CODESYS Runtime Toolkit 32 bit full before V2.4.7.54, and CODESYS PLCWinNT before V2.4.7.54 allow a NULL pointer dereference.
nvd
CVE-2019-9013 | HIGH | CVSS 8.8 | ≥ 3.0, < 3.5.16.0 | 2019-08-15
CVE-2019-9013 [HIGH] CWE-327: An issue was discovered in 3S-Smart CODESYS V3 products. The application may utilize non-TLS based encryption, which results in user credentials being insufficiently protected during transport. All variants of the following CODESYS V3 products in all versions containing the CmpUserMgr component are affected regardless of the CPU type or operating system
nvd