24h | 7d | 30d

CVE-2021-21867

Overview

  • CODESYS
18 Aug 2021
Published
03 Aug 2024
Updated
CVSS v3.0
HIGH (8.8)
EPSS
0.09%
KEV

Description

An unsafe deserialization vulnerability exists in the ObjectManager.plugin ObjectStream.ProfileByteArray functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this vulnerability.

Statistics

  • 1 Post
  • 2 Interactions
Last activity: 19 hours ago

Fediverse

Profile picture fallback
CERT@VDE @certvde

VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite

Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669

certvde.com/en/advisories/vde-

festo.csaf-tp.certvde.com/.wel

  • 1
  • 1
  • 0
  • 19h ago

CVE-2021-21865

Overview

  • CODESYS
02 Aug 2021
Published
03 Aug 2024
Updated
CVSS v3.0
HIGH (8.8)
EPSS
0.06%
KEV

Description

A unsafe deserialization vulnerability exists in the PackageManagement.plugin ExtensionMethods.Clone() functionality of CODESYS GmbH CODESYS Development System 3.5.16. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this vulnerability.

Statistics

  • 1 Post
  • 2 Interactions
Last activity: 19 hours ago

Fediverse

Profile picture fallback
CERT@VDE @certvde

VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite

Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669

certvde.com/en/advisories/vde-

festo.csaf-tp.certvde.com/.wel

  • 1
  • 1
  • 0
  • 19h ago

CVE-2020-10245

Overview

  • Pending
26 Mar 2020
Published
04 Aug 2024
Updated
CVSS
Pending
EPSS
1.41%
KEV

Description

CODESYS V3 web server before 3.5.15.40, as used in CODESYS Control runtime systems, has a buffer overflow.

Statistics

  • 1 Post
  • 2 Interactions
Last activity: 19 hours ago

Fediverse

Profile picture fallback
CERT@VDE @certvde

VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite

Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669

certvde.com/en/advisories/vde-

festo.csaf-tp.certvde.com/.wel

  • 1
  • 1
  • 0
  • 19h ago

CVE-2022-47386

Overview

  • CODESYS
  • CODESYS Control RTE (SL)
15 May 2023
Published
05 Mar 2025
Updated
CVSS v3.1
HIGH (8.8)
EPSS
5.42%
KEV

Description

An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.

Statistics

  • 1 Post
  • 2 Interactions
Last activity: 19 hours ago

Fediverse

Profile picture fallback
CERT@VDE @certvde

VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite

Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669

certvde.com/en/advisories/vde-

festo.csaf-tp.certvde.com/.wel

  • 1
  • 1
  • 0
  • 19h ago

CVE-2022-32138

Overview

  • CODESYS
  • Runtime Toolkit
24 Jun 2022
Published
17 Sep 2024
Updated
CVSS v3.1
HIGH (8.8)
EPSS
1.08%
KEV

Description

In multiple CODESYS products, a remote attacker may craft a request which may cause an unexpected sign extension, resulting in a denial-of-service condition or memory overwrite.

Statistics

  • 1 Post
  • 2 Interactions
Last activity: 19 hours ago

Fediverse

Profile picture fallback
CERT@VDE @certvde

VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite

Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669

certvde.com/en/advisories/vde-

festo.csaf-tp.certvde.com/.wel

  • 1
  • 1
  • 0
  • 19h ago

CVE-2023-37558

Overview

  • CODESYS
  • CODESYS Control for BeagleBone SL
03 Aug 2023
Published
11 Oct 2024
Updated
CVSS v3.1
MEDIUM (6.5)
EPSS
0.08%
KEV

Description

After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37559

Statistics

  • 1 Post
  • 2 Interactions
Last activity: 19 hours ago

Fediverse

Profile picture fallback
CERT@VDE @certvde

VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite

Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669

certvde.com/en/advisories/vde-

festo.csaf-tp.certvde.com/.wel

  • 1
  • 1
  • 0
  • 19h ago

CVE-2021-33486

Overview

  • Pending
03 Aug 2021
Published
03 Aug 2024
Updated
CVSS
Pending
EPSS
0.39%
KEV

Description

All versions of the CODESYS V3 Runtime Toolkit for VxWorks from version V3.5.8.0 and before version V3.5.17.10 have Improper Handling of Exceptional Conditions.

Statistics

  • 1 Post
  • 2 Interactions
Last activity: 19 hours ago

Fediverse

Profile picture fallback
CERT@VDE @certvde

VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite

Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669

certvde.com/en/advisories/vde-

festo.csaf-tp.certvde.com/.wel

  • 1
  • 1
  • 0
  • 19h ago

CVE-2022-32136

Overview

  • CODESYS
  • Runtime Toolkit
24 Jun 2022
Published
16 Sep 2024
Updated
CVSS v3.1
MEDIUM (6.5)
EPSS
0.31%
KEV

Description

In multiple CODESYS products, a low privileged remote attacker may craft a request that cause a read access to an uninitialized pointer, resulting in a denial-of-service. User interaction is not required.

Statistics

  • 1 Post
  • 2 Interactions
Last activity: 19 hours ago

Fediverse

Profile picture fallback
CERT@VDE @certvde

VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite

Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669

certvde.com/en/advisories/vde-

festo.csaf-tp.certvde.com/.wel

  • 1
  • 1
  • 0
  • 19h ago

CVE-2023-37551

Overview

  • CODESYS
  • CODESYS Control for BeagleBone SL
03 Aug 2023
Published
11 Oct 2024
Updated
CVSS v3.1
MEDIUM (6.5)
EPSS
0.08%
KEV

Description

In multiple Codesys products in multiple versions, after successful authentication as a user, specially crafted network communication requests can utilize the CmpApp component to download files with any file extensions to the controller. In contrast to the regular file download via CmpFileTransfer, no filtering of certain file types is performed here. As a result, the integrity of the CODESYS control runtime system may be compromised by the files loaded onto the controller.

Statistics

  • 1 Post
  • 2 Interactions
Last activity: 19 hours ago

Fediverse

Profile picture fallback
CERT@VDE @certvde

VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite

Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669

certvde.com/en/advisories/vde-

festo.csaf-tp.certvde.com/.wel

  • 1
  • 1
  • 0
  • 19h ago

CVE-2022-4046

Overview

  • CODESYS
  • CODESYS Control for BeagleBone SL
03 Aug 2023
Published
22 Oct 2024
Updated
CVSS v3.1
HIGH (8.8)
EPSS
0.76%
KEV

Description

In CODESYS Control in multiple versions a improper restriction of operations within the bounds of a memory buffer allow an remote attacker with user privileges to gain full access of the device.

Statistics

  • 1 Post
  • 2 Interactions
Last activity: 19 hours ago

Fediverse

Profile picture fallback
CERT@VDE @certvde

VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite

Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669

certvde.com/en/advisories/vde-

festo.csaf-tp.certvde.com/.wel

  • 1
  • 1
  • 0
  • 19h ago
Showing 71 to 80 of 182 CVEs