📦 Control Runtime System Toolkit

CVE-2021-33485 is a critical heap-based buffer overflow vulnerability in CODESYS Control Runtime systems. Successful exploitation could allow remote attackers to execute arbitrary code or cause denial...

CVE-2022-47387 is a stack-based out-of-bounds write vulnerability in the CmpTraceMgr component of CODESYS industrial automation software. Authenticated remote attackers can exploit this to cause denia...

This vulnerability allows authenticated remote attackers to exploit a stack-based out-of-bounds write in the CmpTraceMgr component of CODESYS products. Successful exploitation could lead to denial-of-...

CVE-2022-47391 is an improper input validation vulnerability in multiple CODESYS products that allows unauthorized remote attackers to read from invalid memory addresses, potentially causing denial of...

CVE-2022-47379 is an out-of-bounds write vulnerability in multiple CODESYS industrial automation products that allows authenticated remote attackers to write arbitrary data to memory. This can lead to...

This vulnerability allows authenticated remote attackers to exploit a stack-based out-of-bounds write in multiple CODESYS products, potentially leading to denial-of-service, memory corruption, or remo...

An authenticated remote attacker can exploit a stack-based out-of-bounds write vulnerability in the CmpTraceMgr component of CODESYS products to cause denial-of-service, memory corruption, or potentia...

An authenticated remote attacker can exploit a stack-based out-of-bounds write vulnerability in the CmpAppForce component of CODESYS products to cause denial-of-service, memory corruption, or remote c...

CVE-2022-30792 is a denial-of-service vulnerability in CODESYS V3's CmpChannelServer component that allows unauthorized attackers to consume resources and block new communication channel connections. ...

CVE-2022-22514 is a memory corruption vulnerability in CODESYS Control runtime systems that allows authenticated remote attackers to cause denial of service through system crashes. Attackers can deref...

CVE-2022-22519 is a buffer over-read vulnerability in CODESYS Control runtime system webserver that allows remote, unauthenticated attackers to crash the webserver by sending crafted HTTP/HTTPS reques...

CVE-2021-36763 is a directory traversal vulnerability in CODESYS V3 web server that allows external attackers to access files or directories they shouldn't have permission to view. This affects CODESY...

CVE-2021-29242 is an improper input validation vulnerability in CODESYS Control Runtime systems that allows attackers to send crafted packets to manipulate the router's addressing scheme. This can ena...