threat
engine
.sh
Back
·
··:··
Home
/
Product
/
codesys remote target visu toolkit
Product
codesys remote target visu toolkit
16 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2018-25048
>= 3.0 and < 3.5.12.30
The CODESYS runtime system in multiple versions allows an remote low privileged attacker to use a path traversal vulnerability to
8.8
HIGH
CVE-2022-30792
< 3.5.18.20
In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to bl
7.5
HIGH
CVE-2022-30791
< 3.5.18.20
In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block
7.5
HIGH
CVE-2022-22519
< 3.5.18.0
A remote, unauthenticated attacker can send a specific crafted HTTP or HTTPS requests causing a buffer over-read resulting in a cr
7.5
HIGH
CVE-2022-22517
< 3.5.18.0
An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS products by guessing a valid chann
7.5
HIGH
CVE-2022-22515
< 3.5.18.0
A remote, authenticated attacker could utilize the control program of the CODESYS Control runtime system to use the vulnerability
8.1
HIGH
CVE-2022-22514
< 3.5.18.0
An authenticated, remote attacker can gain access to a dereferenced pointer contained in a request. The accesses can subsequently
7.1
HIGH
CVE-2022-22513
< 3.5.18.0
An authenticated remote attacker can cause a null pointer dereference in the CmpSettings component of the affected CODESYS product
6.5
MEDIUM
CVE-2021-36763
< 3.5.17.10
In CODESYS V3 web server before 3.5.17.10, files or directories are accessible to External Parties.
7.5
HIGH
CVE-2021-33485
< 3.5.17.10
CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow.
9.8
CRITICAL
CVE-2021-29242
>= 3.0 and < 3.5.17.0
CODESYS Control Runtime system before 3.5.17.0 has improper input validation. Attackers can send crafted communication packets to
7.3
HIGH
CVE-2020-15806
>= 3.0 and < 3.5.16.10
CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Memory Allocation.
7.5
HIGH
CVE-2020-10245
>= 3.0 and < 3.5.15.40
CODESYS V3 web server before 3.5.15.40, as used in CODESYS Control runtime systems, has a buffer overflow.
9.8
CRITICAL
CVE-2019-18858
< 3.5.15.20
CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runtime systems, has a Buffer Overflow.
9.8
CRITICAL
CVE-2019-13548
>= 3.0 and < 3.5.12.80
CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which
9.8
CRITICAL
CVE-2019-13532
>= 3.0 and < 3.5.12.80
CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which
7.5
HIGH
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin