Codesys: >> Control For Wago Touch Panels 600 Sl Security Vulnerabilities
A bug in CmpUserMgr component can lead to only partially applied security policies. This can result in enabled, anonymous access to components part of the applied security policy.
CVSS Score
6.5
EPSS Score
0.002
Published
2022-04-07
A remote, unauthenticated attacker can send a specific crafted HTTP or HTTPS requests causing a buffer over-read resulting in a crash of the webserver of the CODESYS Control runtime system.
CVSS Score
7.5
EPSS Score
0.008
Published
2022-04-07
CODESYS Control Runtime system before 3.5.17.0 has improper input validation. Attackers can send crafted communication packets to change the router's addressing scheme and may re-route, add, remove or change low level communication packages.
CVSS Score
7.3
EPSS Score
0.003
Published
2021-05-03
Page 5