Filtered by vendor Codesys
Subscriptions
Filtered by product Control
Subscriptions
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-41658 | 1 Codesys | 1 Control | 2025-08-05 | 5.5 Medium |
| CODESYS Runtime Toolkit-based products may expose sensitive files to local low-privileged operating system users due to default file permissions. | ||||
| CVE-2025-41659 | 1 Codesys | 1 Control | 2025-08-05 | 8.3 High |
| A low-privileged attacker can remotely access the PKI folder of the CODESYS Control runtime system and thus read and write certificates and its keys. This allows sensitive data to be extracted or to accept certificates as trusted. Although all services remain available, only unencrypted communication is possible if the certificates are deleted. | ||||
| CVE-2025-41691 | 1 Codesys | 1 Control | 2025-08-05 | 7.5 High |
| An unauthenticated remote attacker may trigger a NULL pointer dereference in the affected CODESYS Control runtime systems by sending specially crafted communication requests, potentially leading to a denial-of-service (DoS) condition. | ||||
| CVE-2021-36763 | 1 Codesys | 7 Control, Control Rte, Control Runtime System Toolkit and 4 more | 2024-11-21 | 7.5 High |
| In CODESYS V3 web server before 3.5.17.10, files or directories are accessible to External Parties. | ||||
| CVE-2021-33485 | 1 Codesys | 7 Control, Control Rte, Control Runtime System Toolkit and 4 more | 2024-11-21 | 9.8 Critical |
| CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow. | ||||
Page 1 of 1.