📦 Codesys

CVE-2021-34584 is a buffer over-read vulnerability in the CODESYS V2 web server that allows attackers to read partial stack or heap memory or cause denial-of-service through crafted web requests. This...

An unauthenticated attacker can execute arbitrary code by tricking a user into opening a malicious CODESYS project file. The code runs with the user's privileges, potentially compromising the developm...

CVE-2021-34595 is an out-of-bounds read/write vulnerability in CODESYS V2 Runtime Toolkit and PLCWinNT software. Attackers can send crafted requests with invalid offsets to cause denial-of-service or ...

CVE-2021-34586 is a null pointer dereference vulnerability in the CODESYS V2 web server that allows crafted web requests to cause denial-of-service conditions. This affects industrial control systems ...

This CVE describes an unsafe deserialization vulnerability in CODESYS Development System that allows arbitrary command execution when processing malicious files. Attackers can exploit this by providin...

This CVE describes an unsafe deserialization vulnerability in CODESYS Development System that allows arbitrary command execution when processing malicious project files. Attackers can achieve remote c...