CVE-2023-1620

< fw22

Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by se

4.9MEDIUM

CVE-2023-1619

< fw22

Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high privileges to DoS the device by se

4.9MEDIUM

CVE-2020-12069

< 03.06.19\(18\)

In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the on

7.8HIGH

CVE-2022-3281

>= 03.01.07\(13\) and <= 03.10.08\(22\)

WAGO Series PFC100/PFC200, Series Touch Panel 600, Compact Controller CC100 and Edge Controller in multiple versions are prone to

7.5HIGH

CVE-2021-34596

< fw20

A crafted request may cause a read access to an uninitialized pointer in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior

6.5MEDIUM

CVE-2021-34595

< fw20

A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit 32 Bit full a

8.1HIGH

CVE-2021-34593

< fw20

In CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56 unauthenticated crafted invalid requests may re

7.5HIGH

CVE-2021-34586

< fw20

In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests may cause a Null pointer dereference in the CODESYS we

7.5HIGH

CVE-2021-34585

< fw20

In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests can trigger a parser error. Since the parser result is

7.5HIGH

CVE-2021-34584

< fw20

Crafted web server requests can be utilised to read partial stack or heap memory or may trigger a denial-of-service condition due

9.1CRITICAL

CVE-2021-34583

< fw20

Crafted web server requests may cause a heap-based buffer overflow and could therefore trigger a denial-of-service condition due t

7.5HIGH

CVE-2021-30195

< 03.06.19_\(18\)

CODESYS V2 runtime system before 2.4.7.55 has Improper Input Validation.

7.5HIGH

CVE-2021-30194

< 03.06.19_\(18\)

CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Read.

9.1CRITICAL

CVE-2021-30193

< 03.06.19_\(18\)

CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Write.

9.8CRITICAL

CVE-2021-30192

< 03.06.19_\(18\)

CODESYS V2 Web-Server before 1.1.9.20 has an Improperly Implemented Security Check.

9.8CRITICAL

CVE-2021-30191

< 03.06.19_\(18\)

CODESYS V2 Web-Server before 1.1.9.20 has a Buffer Copy without Checking the Size of the Input.

7.5HIGH

CVE-2021-30190

< 03.06.19_\(18\)

CODESYS V2 Web-Server before 1.1.9.20 has Improper Access Control.

9.8CRITICAL

CVE-2021-30189

< 03.06.19_\(18\)

CODESYS V2 Web-Server before 1.1.9.20 has a Stack-based Buffer Overflow.

9.8CRITICAL

CVE-2021-30188

< 03.06.19_\(18\)

CODESYS V2 runtime system SP before 2.4.7.55 has a Stack-based Buffer Overflow.

9.8CRITICAL

CVE-2021-30186

< 03.06.19_\(18\)

CODESYS V2 runtime system SP before 2.4.7.55 has a Heap-based Buffer Overflow.

7.5HIGH

CVE-2021-30187

< 03.06.19_\(18\)

CODESYS V2 runtime system SP before 2.4.7.55 has Improper Neutralization of Special Elements used in an OS Command.

5.3MEDIUM

CVE-2021-21001

< 03.06.19_\(18\)

On WAGO PFC200 devices in different firmware versions with special crafted packets an authorised attacker with network access to t

9.1CRITICAL

CVE-2021-21000

< 03.06.19_\(18\)

On WAGO PFC200 devices in different firmware versions with special crafted packets an attacker with network access to the device c

5.3MEDIUM