Shodan
Vulnerabilities
Vulnerable Software
Codesys:  >> Runtime Toolkit  Security Vulnerabilities
CVE-2022-32138
In multiple CODESYS products, a remote attacker may craft a request which may cause an unexpected sign extension, resulting in a denial-of-service condition or memory overwrite.
CVSS Score
8.8
EPSS Score
0.012
Published
2022-06-24
CVE-2022-32139
In multiple CODESYS products, a low privileged remote attacker may craft a request, which cause an out-of-bounds read, resulting in a denial-of-service condition. User Interaction is not required.
CVSS Score
6.5
EPSS Score
0.005
Published
2022-06-24
CVE-2022-32140
Multiple CODESYS products are affected to a buffer overflow.A low privileged remote attacker may craft a request, which can cause a buffer copy without checking the size of the service, resulting in a denial-of-service condition. User Interaction is not required.
CVSS Score
6.5
EPSS Score
0.006
Published
2022-06-24
CVE-2021-34593
In CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56 unauthenticated crafted invalid requests may result in several denial-of-service conditions. Running PLC programs may be stopped, memory may be leaked, or further communication clients may be blocked from accessing the PLC.
CVSS Score
7.5
EPSS Score
0.016
Published
2021-10-26
CVE-2021-34595
A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition or local memory overwrite.
CVSS Score
8.1
EPSS Score
0.005
Published
2021-10-26
CVE-2021-34596
A crafted request may cause a read access to an uninitialized pointer in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition.
CVSS Score
6.5
EPSS Score
0.002
Published
2021-10-26
CVE-2021-33486
All versions of the CODESYS V3 Runtime Toolkit for VxWorks from version V3.5.8.0 and before version V3.5.17.10 have Improper Handling of Exceptional Conditions.
CVSS Score
7.5
EPSS Score
0.004
Published
2021-08-03
CVE-2021-30186
CODESYS V2 runtime system SP before 2.4.7.55 has a Heap-based Buffer Overflow.
CVSS Score
7.5
EPSS Score
0.005
Published
2021-05-25
CVE-2021-30195
CODESYS V2 runtime system before 2.4.7.55 has Improper Input Validation.
CVSS Score
7.5
EPSS Score
0.004
Published
2021-05-25
CVE-2021-30187
CODESYS V2 runtime system SP before 2.4.7.55 has Improper Neutralization of Special Elements used in an OS Command.
CVSS Score
5.3
EPSS Score
0.001
Published
2021-05-25


Products
Pricing
Contact Us

Shodan ® - All rights reserved