Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-33485

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-03 Aug, 2021 | 15:44
Updated At-03 Aug, 2024 | 23:50
Rejected At-
Credits

CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
ā–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:03 Aug, 2021 | 15:44
Updated At:03 Aug, 2024 | 23:50
Rejected At:
ā–¼CVE Numbering Authority (CNA)

CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14805&token=f0b86f99bb302ddd4aadec483aed5f5d3fddbf1a&download=
x_refsource_CONFIRM
Hyperlink: https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14805&token=f0b86f99bb302ddd4aadec483aed5f5d3fddbf1a&download=
Resource:
x_refsource_CONFIRM
ā–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14805&token=f0b86f99bb302ddd4aadec483aed5f5d3fddbf1a&download=
x_refsource_CONFIRM
x_transferred
Hyperlink: https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14805&token=f0b86f99bb302ddd4aadec483aed5f5d3fddbf1a&download=
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
ā–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:03 Aug, 2021 | 16:15
Updated At:17 Aug, 2021 | 13:14

CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 7.5
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
CODESYS GmbH
codesys
>>control>>Versions before 4.2.0.0(exclusive)
cpe:2.3:a:codesys:control:*:*:*:*:*:beaglebone_sl:*:*
CODESYS GmbH
codesys
>>control>>Versions before 4.2.0.0(exclusive)
cpe:2.3:a:codesys:control:*:*:*:*:*:empc-a\/imx6_sl:*:*
CODESYS GmbH
codesys
>>control>>Versions before 4.2.0.0(exclusive)
cpe:2.3:a:codesys:control:*:*:*:*:*:iot2000_sl:*:*
CODESYS GmbH
codesys
>>control>>Versions up to 4.2.0.0(inclusive)
cpe:2.3:a:codesys:control:*:*:*:*:*:linux_sl:*:*
CODESYS GmbH
codesys
>>control>>Versions before 4.2.0.0(exclusive)
cpe:2.3:a:codesys:control:*:*:*:*:*:pfc100_sl:*:*
CODESYS GmbH
codesys
>>control>>Versions before 4.2.0.0(exclusive)
cpe:2.3:a:codesys:control:*:*:*:*:*:pfc200_sl:*:*
CODESYS GmbH
codesys
>>control>>Versions before 4.2.0.0(exclusive)
cpe:2.3:a:codesys:control:*:*:*:*:*:plcnext_sl:*:*
CODESYS GmbH
codesys
>>control>>Versions before 4.2.0.0(exclusive)
cpe:2.3:a:codesys:control:*:*:*:*:*:raspberry_pi_sl:*:*
CODESYS GmbH
codesys
>>control>>Versions before 4.2.0.0(exclusive)
cpe:2.3:a:codesys:control:*:*:*:*:*:wago_touch_panels_600_sl:*:*
CODESYS GmbH
codesys
>>control_rte>>Versions before 3.5.17.10(exclusive)
cpe:2.3:a:codesys:control_rte:*:*:*:*:*:-:*:*
CODESYS GmbH
codesys
>>control_rte>>Versions before 3.5.17.10(exclusive)
cpe:2.3:a:codesys:control_rte:*:*:*:*:*:beckhoff_cx:*:*
CODESYS GmbH
codesys
>>control_runtime_system_toolkit>>Versions before 3.5.17.10(exclusive)
cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*
CODESYS GmbH
codesys
>>control_win_sl>>Versions before 3.5.17.10(exclusive)
cpe:2.3:a:codesys:control_win_sl:*:*:*:*:*:*:*:*
CODESYS GmbH
codesys
>>embedded_target_visu_toolkit>>Versions before 3.5.17.10(exclusive)
cpe:2.3:a:codesys:embedded_target_visu_toolkit:*:*:*:*:*:*:*:*
CODESYS GmbH
codesys
>>hmi>>Versions before 3.5.17.10(exclusive)
cpe:2.3:a:codesys:hmi:*:*:*:*:*:*:*:*
CODESYS GmbH
codesys
>>remote_target_visu_toolkit>>Versions before 3.5.17.10(exclusive)
cpe:2.3:a:codesys:remote_target_visu_toolkit:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-787Primarynvd@nist.gov
CWE ID: CWE-787
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14805&token=f0b86f99bb302ddd4aadec483aed5f5d3fddbf1a&download=cve@mitre.org
Vendor Advisory
Hyperlink: https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14805&token=f0b86f99bb302ddd4aadec483aed5f5d3fddbf1a&download=
Source: cve@mitre.org
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

2551Records found
CVE-2021-30189
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.57% / 68.70%
||
7 Day CHG~0.00%
Published-25 May, 2021 | 12:09
Updated-15 Aug, 2025 | 20:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CODESYS V2 Web-Server before 1.1.9.20 has a Stack-based Buffer Overflow.

Action-Not Available
Vendor-wagon/aCODESYS GmbH
Product-750-8202750-832_firmware750-831750-8211750-893v2_web_server750-8202_firmware750-8216750-831_firmware750-8214750-885_firmware750-881750-880750-829750-8210_firmware750-8213_firmware750-8203_firmware750-891_firmware750-8214_firmware750-8212_firmware750-881_firmware750-823_firmware750-823750-862750-8211_firmware750-8217_firmware750-882_firmware750-8207_firmware750-8203750-889_firmware750-8212750-890_firmware750-8206_firmware750-8208_firmware750-882750-890750-852750-832750-8206750-8207750-8208750-889750-862_firmware750-893_firmware750-8204_firmware750-885750-8204750-8210750-8213750-8216_firmware750-852_firmware750-8217750-880_firmware750-829_firmware750-891n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-30188
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.57% / 68.70%
||
7 Day CHG~0.00%
Published-25 May, 2021 | 12:33
Updated-15 Aug, 2025 | 20:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CODESYS V2 runtime system SP before 2.4.7.55 has a Stack-based Buffer Overflow.

Action-Not Available
Vendor-wagon/aCODESYS GmbH
Product-750-8202750-832_firmware750-831750-8211750-893750-8202_firmware750-8216750-831_firmware750-8214750-885_firmware750-881750-880750-829750-8210_firmware750-8213_firmware750-8203_firmware750-891_firmware750-8214_firmware750-8212_firmware750-881_firmware750-823_firmware750-823750-862750-8211_firmware750-8217_firmware750-882_firmware750-8207_firmware750-8203v2_runtime_system_sp750-889_firmware750-8212750-890_firmware750-8206_firmware750-8208_firmware750-882750-890750-852750-832750-8206750-8207750-8208750-889750-862_firmware750-893_firmware750-8204_firmware750-885750-8204750-8210750-8213750-8216_firmware750-852_firmware750-8217750-880_firmware750-829_firmware750-891n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-30193
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.53% / 67.23%
||
7 Day CHG~0.00%
Published-25 May, 2021 | 12:09
Updated-15 Aug, 2025 | 20:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Write.

Action-Not Available
Vendor-wagon/aCODESYS GmbH
Product-750-8202750-832_firmware750-831750-8211750-893v2_web_server750-8202_firmware750-8216750-831_firmware750-8214750-885_firmware750-881750-880750-829750-8210_firmware750-8213_firmware750-8203_firmware750-891_firmware750-8214_firmware750-8212_firmware750-881_firmware750-823_firmware750-823750-862750-8211_firmware750-8217_firmware750-882_firmware750-8207_firmware750-8203750-889_firmware750-8212750-890_firmware750-8206_firmware750-8208_firmware750-882750-890750-852750-832750-8206750-8207750-8208750-889750-862_firmware750-893_firmware750-8204_firmware750-885750-8204750-8210750-8213750-8216_firmware750-852_firmware750-8217750-880_firmware750-829_firmware750-891n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-10245
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.05% / 77.70%
||
7 Day CHG~0.00%
Published-26 Mar, 2020 | 03:45
Updated-04 Aug, 2024 | 10:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CODESYS V3 web server before 3.5.15.40, as used in CODESYS Control runtime systems, has a buffer overflow.

Action-Not Available
Vendor-n/aCODESYS GmbH
Product-control_for_pfc200control_for_raspberry_picontrol_rtecontrol_for_iot2000control_runtime_system_toolkithmicontrol_for_empc-a\/imx6embedded_target_visu_toolkitcontrol_for_linuxcontrol_for_plcnextcontrol_for_beaglebonecontrol_wincontrol_for_pfc100remote_target_visu_toolkitn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-13548
Matching Score-10
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-10
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-2.40% / 85.14%
||
7 Day CHG~0.00%
Published-13 Sep, 2019 | 16:58
Updated-04 Aug, 2024 | 23:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which could cause a stack overflow and create a denial-of-service condition or allow remote code execution.

Action-Not Available
Vendor-n/aCODESYS GmbH
Product-control_for_pfc200control_for_raspberry_picontrol_rtecontrol_for_iot2000control_runtime_system_toolkithmicontrol_for_empc-a\/imx6embedded_target_visu_toolkitcontrol_for_linuxcontrol_for_beaglebonecontrol_wincontrol_for_pfc100remote_target_visu_toolkitCODESYS V3 web server
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-16265
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.57% / 68.70%
||
7 Day CHG~0.00%
Published-25 Oct, 2019 | 16:34
Updated-05 Aug, 2024 | 01:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CODESYS V2.3 ENI server up to V3.2.2.24 has a Buffer Overflow.

Action-Not Available
Vendor-n/aCODESYS GmbH
Product-eni_servercodesysn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-30190
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.43% / 62.51%
||
7 Day CHG~0.00%
Published-25 May, 2021 | 12:09
Updated-15 Aug, 2025 | 20:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CODESYS V2 Web-Server before 1.1.9.20 has Improper Access Control.

Action-Not Available
Vendor-wagon/aCODESYS GmbH
Product-750-8202750-832_firmware750-831750-8211750-893v2_web_server750-8202_firmware750-8216750-831_firmware750-8214750-885_firmware750-881750-880750-829750-8210_firmware750-8213_firmware750-8203_firmware750-891_firmware750-8214_firmware750-8212_firmware750-881_firmware750-823_firmware750-823750-862750-8211_firmware750-8217_firmware750-882_firmware750-8207_firmware750-8203750-889_firmware750-8212750-890_firmware750-8206_firmware750-8208_firmware750-882750-890750-852750-832750-8206750-8207750-8208750-889750-862_firmware750-893_firmware750-8204_firmware750-885750-8204750-8210750-8213750-8216_firmware750-852_firmware750-8217750-880_firmware750-829_firmware750-891n/a
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2021-30192
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.53% / 67.23%
||
7 Day CHG~0.00%
Published-25 May, 2021 | 12:09
Updated-15 Aug, 2025 | 20:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CODESYS V2 Web-Server before 1.1.9.20 has an Improperly Implemented Security Check.

Action-Not Available
Vendor-wagon/aCODESYS GmbH
Product-750-8202750-832_firmware750-831750-8211750-893v2_web_server750-8202_firmware750-8216750-831_firmware750-8214750-885_firmware750-881750-880750-829750-8210_firmware750-8213_firmware750-8203_firmware750-891_firmware750-8214_firmware750-8212_firmware750-881_firmware750-823_firmware750-823750-862750-8211_firmware750-8217_firmware750-882_firmware750-8207_firmware750-8203750-889_firmware750-8212750-890_firmware750-8206_firmware750-8208_firmware750-882750-890750-852750-832750-8206750-8207750-8208750-889750-862_firmware750-893_firmware750-8204_firmware750-885750-8204750-8210750-8213750-8216_firmware750-852_firmware750-8217750-880_firmware750-829_firmware750-891n/a
CVE-2021-29242
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.3||HIGH
EPSS-0.32% / 54.78%
||
7 Day CHG~0.00%
Published-03 May, 2021 | 13:56
Updated-03 Aug, 2024 | 22:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CODESYS Control Runtime system before 3.5.17.0 has improper input validation. Attackers can send crafted communication packets to change the router's addressing scheme and may re-route, add, remove or change low level communication packages.

Action-Not Available
Vendor-n/aCODESYS GmbH
Product-control_rtecontrol_runtime_system_toolkitcontrol_for_pfc100_slhmicontrol_for_beaglebone_slopc_serverremote_target_visu_toolkitgatewaycontrol_for_linux_sledge_gatewaysimulation_runtimeplchandlercontrol_for_pfc200_slembedded_target_visu_toolkitcontrol_for_iot2000_slcontrol_for_wago_touch_panels_600_slcontrol_for_raspberry_pi_slcontrol_for_linux_arm_slcontrol_for_plcnext_slcontrol_for_empc-a\/imx6_slsafety_silcontrol_winn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2017-6027
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-1.86% / 83.18%
||
7 Day CHG~0.00%
Published-19 May, 2017 | 02:43
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Arbitrary File Upload issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualization software, are affected: CODESYS Web Server Versions 2.3 and prior. A specially crafted web server request may allow the upload of arbitrary files (with a dangerous type) to the CODESYS Web Server without authorization which may allow remote code execution.

Action-Not Available
Vendor-n/aCODESYS GmbH
Product-web_server3S-Smart Software Solutions GmbH CODESYS Web Server
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2017-6025
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-8
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-0.63% / 70.37%
||
7 Day CHG~0.00%
Published-19 May, 2017 | 02:43
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Stack Buffer Overflow issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualization software, are affected: CODESYS Web Server Versions 2.3 and prior. A malicious user could overflow the stack buffer by providing overly long strings to functions that handle the XML. Because the function does not verify string size before copying to memory, the attacker may then be able to crash the application or run arbitrary code.

Action-Not Available
Vendor-n/aCODESYS GmbH
Product-web_server3S-Smart Software Solutions GmbH CODESYS Web Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CVE-2022-31802
Matching Score-8
Assigner-CERT@VDE
ShareView Details
Matching Score-8
Assigner-CERT@VDE
CVSS Score-9.8||CRITICAL
EPSS-0.53% / 67.30%
||
7 Day CHG~0.00%
Published-24 Jun, 2022 | 07:46
Updated-17 Sep, 2024 | 00:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Partial string comparison in CODESYS gateway server

In CODESYS Gateway Server V2 for versions prior to V2.3.9.38 only a part of the the specified password is been compared to the real CODESYS Gateway password. An attacker may perform authentication by specifying a small password that matches the corresponding part of the longer real CODESYS Gateway password.

Action-Not Available
Vendor-CODESYS GmbH
Product-gatewayCODESYS Gateway Server V2
CWE ID-CWE-187
Partial String Comparison
CVE-2022-31806
Matching Score-8
Assigner-CERT@VDE
ShareView Details
Matching Score-8
Assigner-CERT@VDE
CVSS Score-9.8||CRITICAL
EPSS-0.45% / 63.50%
||
7 Day CHG~0.00%
Published-24 Jun, 2022 | 07:46
Updated-17 Sep, 2024 | 03:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insecure default settings in CODESYS Runtime Toolkit 32 bit full and CODESYS PLCWinNT

In CODESYS V2 PLCWinNT and Runtime Toolkit 32 in versions prior to V2.4.7.57 password protection is not enabled by default and there is no information or prompt to enable password protection at login in case no password is set at the controller.

Action-Not Available
Vendor-CODESYS GmbH
Product-runtime_toolkitplcwinntCODESYS PLCWinNTCODESYS Runtime Toolkit 32 bit full
CWE ID-CWE-1188
Initialization of a Resource with an Insecure Default
CVE-2019-9010
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.32% / 55.32%
||
7 Day CHG~0.00%
Published-15 Aug, 2019 | 17:44
Updated-04 Aug, 2024 | 21:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in 3S-Smart CODESYS V3 products. The CODESYS Gateway does not correctly verify the ownership of a communication channel. All variants of the following CODESYS V3 products in all versions prior to v3.5.14.20 that contain the CmpGateway component are affected, regardless of the CPU type or operating system: CODESYS Control for BeagleBone, CODESYS Control for emPC-A/iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control for PFC100, CODESYS Control for PFC200, CODESYS Control for Raspberry Pi, CODESYS Control V3 Runtime System Toolkit, CODESYS Gateway V3, CODESYS V3 Development System.

Action-Not Available
Vendor-n/aCODESYS GmbH
Product-development_systemcontrol_for_pfc200_slcontrol_for_pfc100_slgatewaycontrol_for_iot2000_slcontrol_for_raspberry_pi_slcontrol_for_beaglebone_slcontrol_for_empc-a\/imx6_slcontrol_runtime_toolkitcontrol_for_linux_sln/a
CVE-2019-18858
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.41% / 61.30%
||
7 Day CHG~0.00%
Published-20 Nov, 2019 | 17:04
Updated-05 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runtime systems, has a Buffer Overflow.

Action-Not Available
Vendor-n/aCODESYS GmbH
Product-control_for_pfc200control_for_raspberry_picontrol_rtecontrol_for_iot2000control_runtime_system_toolkithmicontrol_for_empc-a\/imx6embedded_target_visu_toolkitcontrol_for_linuxcontrol_for_plcnextcontrol_for_beaglebonecontrol_wincontrol_for_pfc100remote_target_visu_toolkitn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-49675
Matching Score-6
Assigner-CERT@VDE
ShareView Details
Matching Score-6
Assigner-CERT@VDE
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.59%
||
7 Day CHG~0.00%
Published-06 May, 2024 | 11:09
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CODESYS: Out-of-bounds write through corrupted project files

An unauthenticated local attacker may trick a user to open corrupted project files to execute arbitrary code or crash the system due to an out-of-bounds write vulnerability.

Action-Not Available
Vendor-CODESYS GmbH
Product-CODESYS Development System V2.3development_system
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-47383
Matching Score-6
Assigner-CERT@VDE
ShareView Details
Matching Score-6
Assigner-CERT@VDE
CVSS Score-8.8||HIGH
EPSS-3.06% / 86.79%
||
7 Day CHG~0.00%
Published-15 May, 2023 | 09:44
Updated-17 Jul, 2025 | 12:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CODESYS: Multiple products prone to stack based out-of-bounds write

An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can leadĀ to a denial-of-service condition, memory overwriting, or remote code execution.

Action-Not Available
Vendor-CODESYS GmbH
Product-control_for_plcnext_slcontrol_for_beaglebone_slcontrol_win_\(sl\)control_for_pfc200_slsafety_sil2_pspcontrol_for_empc-a\/imx6_slhmi_\(sl\)control_for_wago_touch_panels_600_slsafety_sil2_runtime_toolkitcontrol_rte_\(sl\)control_for_raspberry_pi_sldevelopment_system_v3control_for_linux_slcontrol_for_iot2000_slcontrol_runtime_system_toolkitcontrol_for_pfc100_slcontrol_rte_\(for_beckhoff_cx\)_slCODESYS Control Win (SL)CODESYS Safety SIL2 Runtime ToolkitCODESYS Control RTE (for Beckhoff CX) SLCODESYS Control for Linux SLCODESYS Control for emPC-A/iMX6 SLCODESYS Control for WAGO Touch Panels 600 SLCODESYS Control for PFC200 SLCODESYS Control for BeagleBone SLCODESYS HMI (SL)CODESYS Control for PLCnext SLCODESYS Development System V3CODESYS Control RTE (SL)CODESYS Control for IOT2000 SLCODESYS Control Runtime System ToolkitCODESYS Safety SIL2 PSPCODESYS Control for PFC100 SLCODESYS Control for Raspberry Pi SL
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-30186
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.45% / 63.82%
||
7 Day CHG~0.00%
Published-25 May, 2021 | 12:33
Updated-15 Aug, 2025 | 20:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CODESYS V2 runtime system SP before 2.4.7.55 has a Heap-based Buffer Overflow.

Action-Not Available
Vendor-wagon/aCODESYS GmbH
Product-750-8202750-832_firmware750-831750-8211750-893750-8202_firmware750-8216750-831_firmware750-8214750-885_firmware750-881750-880750-829750-8210_firmware750-8213_firmware750-8203_firmware750-891_firmware750-8214_firmware750-8212_firmware750-881_firmware750-823_firmware750-823750-862750-8211_firmware750-8217_firmware750-882_firmware750-8207_firmwareruntime_toolkit750-8203750-889_firmware750-8212750-890_firmware750-8206_firmware750-8208_firmware750-882750-890750-852750-832750-8206750-8207750-8208750-889750-862_firmware750-893_firmware750-8204_firmware750-885750-8204plcwinnt750-8210750-8213750-8216_firmware750-852_firmware750-8217750-880_firmware750-829_firmware750-891n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-34583
Matching Score-6
Assigner-CERT@VDE
ShareView Details
Matching Score-6
Assigner-CERT@VDE
CVSS Score-7.5||HIGH
EPSS-0.69% / 71.97%
||
7 Day CHG~0.00%
Published-26 Oct, 2021 | 09:55
Updated-15 Aug, 2025 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CODESYS V2 web server: crafted requests could trigger a heap-based buffer overflow (DoS)

Crafted web server requests may cause a heap-based buffer overflow and could therefore trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22.

Action-Not Available
Vendor-wagoCODESYS GmbH
Product-750-8202750-831750-832_firmware750-8211750-893750-8202_firmware750-8216750-831_firmware750-8214750-881750-885_firmware750-829750-880750-8210_firmware750-823750-8203_firmware750-8213_firmware750-8214_firmware750-823_firmware750-881_firmware750-8212_firmware750-862750-8211_firmware750-8217_firmware750-882_firmware750-8207_firmware750-8203750-889_firmware750-891750-8212750-890_firmware750-8206_firmware750-8208_firmwarecodesys750-832750-882750-852750-890750-8206750-8207750-8208750-889750-862_firmware750-893_firmware750-8204_firmware750-885750-8204750-8210750-8213750-8216_firmware750-852_firmware750-8217750-880_firmware750-829_firmware750-891_firmwareCODESYS V2
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-47390
Matching Score-6
Assigner-CERT@VDE
ShareView Details
Matching Score-6
Assigner-CERT@VDE
CVSS Score-8.8||HIGH
EPSS-3.06% / 86.79%
||
7 Day CHG~0.00%
Published-15 May, 2023 | 09:58
Updated-17 Jul, 2025 | 13:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CODESYS: Multiple products prone to stack based out-of-bounds write

An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can leadĀ to a denial-of-service condition, memory overwriting, or remote code execution.

Action-Not Available
Vendor-CODESYS GmbH
Product-control_for_plcnext_slcontrol_for_beaglebone_slcontrol_win_\(sl\)control_for_pfc200_slsafety_sil2_pspcontrol_for_empc-a\/imx6_slhmi_\(sl\)control_for_wago_touch_panels_600_slsafety_sil2_runtime_toolkitcontrol_rte_\(sl\)control_for_raspberry_pi_sldevelopment_system_v3control_for_linux_slcontrol_for_iot2000_slcontrol_runtime_system_toolkitcontrol_for_pfc100_slcontrol_rte_\(for_beckhoff_cx\)_slCODESYS Control Win (SL)CODESYS Safety SIL2 Runtime ToolkitCODESYS Control RTE (for Beckhoff CX) SLCODESYS Control for Linux SLCODESYS Control for emPC-A/iMX6 SLCODESYS Control for WAGO Touch Panels 600 SLCODESYS Control for PFC200 SLCODESYS Control for BeagleBone SLCODESYS HMI (SL)CODESYS Control for PLCnext SLCODESYS Development System V3CODESYS Control RTE (SL)CODESYS Control for IOT2000 SLCODESYS Control Runtime System ToolkitCODESYS Safety SIL2 PSPCODESYS Control for PFC100 SLCODESYS Control for Raspberry Pi SL
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-47381
Matching Score-6
Assigner-CERT@VDE
ShareView Details
Matching Score-6
Assigner-CERT@VDE
CVSS Score-8.8||HIGH
EPSS-3.06% / 86.79%
||
7 Day CHG~0.00%
Published-15 May, 2023 | 09:41
Updated-17 Jul, 2025 | 12:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CODESYS: Multiple products prone to stack based out-of-bounds write

An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can leadĀ to a denial-of-service condition, memory overwriting, or remote code execution.

Action-Not Available
Vendor-CODESYS GmbH
Product-control_for_plcnext_slcontrol_for_beaglebone_slcontrol_win_\(sl\)control_for_pfc200_slsafety_sil2_pspcontrol_for_empc-a\/imx6_slhmi_\(sl\)control_for_wago_touch_panels_600_slsafety_sil2_runtime_toolkitcontrol_rte_\(sl\)control_for_raspberry_pi_sldevelopment_system_v3control_for_linux_slcontrol_for_iot2000_slcontrol_runtime_system_toolkitcontrol_for_pfc100_slcontrol_rte_\(for_beckhoff_cx\)_slCODESYS Control Win (SL)CODESYS Safety SIL2 Runtime ToolkitCODESYS Control RTE (for Beckhoff CX) SLCODESYS Control for Linux SLCODESYS Control for emPC-A/iMX6 SLCODESYS Control for WAGO Touch Panels 600 SLCODESYS Control for PFC200 SLCODESYS Control for BeagleBone SLCODESYS HMI (SL)CODESYS Control for PLCnext SLCODESYS Development System V3CODESYS Control RTE (SL)CODESYS Control for IOT2000 SLCODESYS Control Runtime System ToolkitCODESYS Safety SIL2 PSPCODESYS Control for PFC100 SLCODESYS Control for Raspberry Pi SL
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-47384
Matching Score-6
Assigner-CERT@VDE
ShareView Details
Matching Score-6
Assigner-CERT@VDE
CVSS Score-8.8||HIGH
EPSS-3.06% / 86.79%
||
7 Day CHG~0.00%
Published-15 May, 2023 | 09:46
Updated-17 Jul, 2025 | 13:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CODESYS: Multiple products prone to stack based out-of-bounds write

An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can leadĀ to a denial-of-service condition, memory overwriting, or remote code execution.

Action-Not Available
Vendor-CODESYS GmbH
Product-control_for_plcnext_slcontrol_for_beaglebone_slcontrol_win_\(sl\)control_for_pfc200_slsafety_sil2_pspcontrol_for_empc-a\/imx6_slhmi_\(sl\)control_for_wago_touch_panels_600_slsafety_sil2_runtime_toolkitcontrol_rte_\(sl\)control_for_raspberry_pi_sldevelopment_system_v3control_for_linux_slcontrol_for_iot2000_slcontrol_runtime_system_toolkitcontrol_for_pfc100_slcontrol_rte_\(for_beckhoff_cx\)_slCODESYS Control Win (SL)CODESYS Safety SIL2 Runtime ToolkitCODESYS Control RTE (for Beckhoff CX) SLCODESYS Control for Linux SLCODESYS Control for emPC-A/iMX6 SLCODESYS Control for WAGO Touch Panels 600 SLCODESYS Control for PFC200 SLCODESYS Control for BeagleBone SLCODESYS HMI (SL)CODESYS Control for PLCnext SLCODESYS Development System V3CODESYS Control RTE (SL)CODESYS Control for IOT2000 SLCODESYS Control Runtime System ToolkitCODESYS Safety SIL2 PSPCODESYS Control for PFC100 SLCODESYS Control for Raspberry Pi SL
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-47380
Matching Score-6
Assigner-CERT@VDE
ShareView Details
Matching Score-6
Assigner-CERT@VDE
CVSS Score-8.8||HIGH
EPSS-3.06% / 86.79%
||
7 Day CHG~0.00%
Published-15 May, 2023 | 09:40
Updated-17 Jul, 2025 | 12:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CODESYS: Multiple products prone to out-of-bounds write

An authenticated remote attacker may use a stack basedĀ  out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into the stack which can leadĀ to a denial-of-service condition, memory overwriting, or remote code execution.

Action-Not Available
Vendor-CODESYS GmbH
Product-control_for_plcnext_slcontrol_for_beaglebone_slcontrol_win_\(sl\)control_for_pfc200_slsafety_sil2_pspcontrol_for_empc-a\/imx6_slhmi_\(sl\)control_for_wago_touch_panels_600_slsafety_sil2_runtime_toolkitcontrol_rte_\(sl\)control_for_raspberry_pi_sldevelopment_system_v3control_for_linux_slcontrol_for_iot2000_slcontrol_runtime_system_toolkitcontrol_for_pfc100_slcontrol_rte_\(for_beckhoff_cx\)_slCODESYS Control Win (SL)CODESYS Safety SIL2 Runtime ToolkitCODESYS Control RTE (for Beckhoff CX) SLCODESYS Control for Linux SLCODESYS Control for emPC-A/iMX6 SLCODESYS Control for WAGO Touch Panels 600 SLCODESYS Control for PFC200 SLCODESYS Control for BeagleBone SLCODESYS HMI (SL)CODESYS Control for PLCnext SLCODESYS Development System V3CODESYS Control RTE (SL)CODESYS Control for IOT2000 SLCODESYS Control Runtime System ToolkitCODESYS Safety SIL2 PSPCODESYS Control for PFC100 SLCODESYS Control for Raspberry Pi SL
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-47389
Matching Score-6
Assigner-CERT@VDE
ShareView Details
Matching Score-6
Assigner-CERT@VDE
CVSS Score-8.8||HIGH
EPSS-5.75% / 90.51%
||
7 Day CHG~0.00%
Published-15 May, 2023 | 09:57
Updated-17 Jul, 2025 | 13:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CODESYS: Multiple products prone to stack based out-of-bounds write

An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can leadĀ to a denial-of-service condition, memory overwriting, or remote code execution.

Action-Not Available
Vendor-CODESYS GmbH
Product-control_for_plcnext_slcontrol_for_beaglebone_slcontrol_win_\(sl\)control_for_pfc200_slsafety_sil2_pspcontrol_for_empc-a\/imx6_slhmi_\(sl\)control_for_wago_touch_panels_600_slsafety_sil2_runtime_toolkitcontrol_rte_\(sl\)control_for_raspberry_pi_sldevelopment_system_v3control_for_linux_slcontrol_for_iot2000_slcontrol_runtime_system_toolkitcontrol_for_pfc100_slcontrol_rte_\(for_beckhoff_cx\)_slCODESYS Control Win (SL)CODESYS Safety SIL2 Runtime ToolkitCODESYS Control RTE (for Beckhoff CX) SLCODESYS Control for Linux SLCODESYS Control for emPC-A/iMX6 SLCODESYS Control for WAGO Touch Panels 600 SLCODESYS Control for PFC200 SLCODESYS Control for BeagleBone SLCODESYS HMI (SL)CODESYS Control for PLCnext SLCODESYS Development System V3CODESYS Control RTE (SL)CODESYS Control for IOT2000 SLCODESYS Control Runtime System ToolkitCODESYS Safety SIL2 PSPCODESYS Control for PFC100 SLCODESYS Control for Raspberry Pi SL
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-47388
Matching Score-6
Assigner-CERT@VDE
ShareView Details
Matching Score-6
Assigner-CERT@VDE
CVSS Score-8.8||HIGH
EPSS-3.06% / 86.79%
||
7 Day CHG~0.00%
Published-15 May, 2023 | 09:56
Updated-17 Jul, 2025 | 13:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CODESYS: Multiple products prone to stack based out-of-bounds write

An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can leadĀ to a denial-of-service condition, memory overwriting, or remote code execution.

Action-Not Available
Vendor-CODESYS GmbH
Product-control_for_plcnext_slcontrol_for_beaglebone_slcontrol_win_\(sl\)control_for_pfc200_slsafety_sil2_pspcontrol_for_empc-a\/imx6_slhmi_\(sl\)control_for_wago_touch_panels_600_slsafety_sil2_runtime_toolkitcontrol_rte_\(sl\)control_for_raspberry_pi_sldevelopment_system_v3control_for_linux_slcontrol_for_iot2000_slcontrol_runtime_system_toolkitcontrol_for_pfc100_slcontrol_rte_\(for_beckhoff_cx\)_slCODESYS Control Win (SL)CODESYS Safety SIL2 Runtime ToolkitCODESYS Control RTE (for Beckhoff CX) SLCODESYS Control for Linux SLCODESYS Control for emPC-A/iMX6 SLCODESYS Control for WAGO Touch Panels 600 SLCODESYS Control for PFC200 SLCODESYS Control for BeagleBone SLCODESYS HMI (SL)CODESYS Control for PLCnext SLCODESYS Development System V3CODESYS Control RTE (SL)CODESYS Control for IOT2000 SLCODESYS Control Runtime System ToolkitCODESYS Safety SIL2 PSPCODESYS Control for PFC100 SLCODESYS Control for Raspberry Pi SL
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-47386
Matching Score-6
Assigner-CERT@VDE
ShareView Details
Matching Score-6
Assigner-CERT@VDE
CVSS Score-8.8||HIGH
EPSS-3.06% / 86.79%
||
7 Day CHG~0.00%
Published-15 May, 2023 | 09:49
Updated-17 Jul, 2025 | 13:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CODESYS: Multiple products prone to stack based out-of-bounds write

An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can leadĀ to a denial-of-service condition, memory overwriting, or remote code execution.

Action-Not Available
Vendor-CODESYS GmbH
Product-control_for_plcnext_slcontrol_for_beaglebone_slcontrol_win_\(sl\)control_for_pfc200_slsafety_sil2_pspcontrol_for_empc-a\/imx6_slhmi_\(sl\)control_for_wago_touch_panels_600_slsafety_sil2_runtime_toolkitcontrol_rte_\(sl\)control_for_raspberry_pi_sldevelopment_system_v3control_for_linux_slcontrol_for_iot2000_slcontrol_runtime_system_toolkitcontrol_for_pfc100_slcontrol_rte_\(for_beckhoff_cx\)_slCODESYS Control Win (SL)CODESYS Safety SIL2 Runtime ToolkitCODESYS Control RTE (for Beckhoff CX) SLCODESYS Control for Linux SLCODESYS Control for emPC-A/iMX6 SLCODESYS Control for WAGO Touch Panels 600 SLCODESYS Control for PFC200 SLCODESYS Control for BeagleBone SLCODESYS HMI (SL)CODESYS Control for PLCnext SLCODESYS Development System V3CODESYS Control RTE (SL)CODESYS Control for IOT2000 SLCODESYS Control Runtime System ToolkitCODESYS Safety SIL2 PSPCODESYS Control for PFC100 SLCODESYS Control for Raspberry Pi SL
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-47385
Matching Score-6
Assigner-CERT@VDE
ShareView Details
Matching Score-6
Assigner-CERT@VDE
CVSS Score-8.8||HIGH
EPSS-3.06% / 86.79%
||
7 Day CHG~0.00%
Published-15 May, 2023 | 09:47
Updated-17 Jul, 2025 | 13:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CODESYS: Multiple products prone to stack based out-of-bounds write

An authenticated, remote attacker may use a stack based out-of-bounds write vulnerability in the CmpAppForce Component of multiple CODESYS products in multiple versions to write data into the stack which can leadĀ to a denial-of-service condition, memory overwriting, or remote code execution.

Action-Not Available
Vendor-CODESYS GmbH
Product-control_for_plcnext_slcontrol_for_beaglebone_slcontrol_win_\(sl\)control_for_pfc200_slsafety_sil2_pspcontrol_for_empc-a\/imx6_slhmi_\(sl\)control_for_wago_touch_panels_600_slsafety_sil2_runtime_toolkitcontrol_rte_\(sl\)control_for_raspberry_pi_sldevelopment_system_v3control_for_linux_slcontrol_for_iot2000_slcontrol_runtime_system_toolkitcontrol_for_pfc100_slcontrol_rte_\(for_beckhoff_cx\)_slCODESYS Control Win (SL)CODESYS Safety SIL2 Runtime ToolkitCODESYS Control RTE (for Beckhoff CX) SLCODESYS Control for Linux SLCODESYS Control for emPC-A/iMX6 SLCODESYS Control for WAGO Touch Panels 600 SLCODESYS Control for PFC200 SLCODESYS Control for BeagleBone SLCODESYS HMI (SL)CODESYS Control for PLCnext SLCODESYS Development System V3CODESYS Control RTE (SL)CODESYS Control for IOT2000 SLCODESYS Control Runtime System ToolkitCODESYS Safety SIL2 PSPCODESYS Control for PFC100 SLCODESYS Control for Raspberry Pi SL
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-47387
Matching Score-6
Assigner-CERT@VDE
ShareView Details
Matching Score-6
Assigner-CERT@VDE
CVSS Score-8.8||HIGH
EPSS-3.06% / 86.79%
||
7 Day CHG~0.00%
Published-15 May, 2023 | 09:54
Updated-17 Jul, 2025 | 13:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CODESYS: Multiple products prone to stack based out-of-bounds write

An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can leadĀ to a denial-of-service condition, memory overwriting, or remote code execution.

Action-Not Available
Vendor-CODESYS GmbH
Product-control_for_plcnext_slcontrol_for_beaglebone_slcontrol_win_\(sl\)control_for_pfc200_slsafety_sil2_pspcontrol_for_empc-a\/imx6_slhmi_\(sl\)control_for_wago_touch_panels_600_slsafety_sil2_runtime_toolkitcontrol_rte_\(sl\)control_for_raspberry_pi_sldevelopment_system_v3control_for_linux_slcontrol_for_iot2000_slcontrol_runtime_system_toolkitcontrol_for_pfc100_slcontrol_rte_\(for_beckhoff_cx\)_slCODESYS Control Win (SL)CODESYS Safety SIL2 Runtime ToolkitCODESYS Control RTE (for Beckhoff CX) SLCODESYS Control for Linux SLCODESYS Control for emPC-A/iMX6 SLCODESYS Control for WAGO Touch Panels 600 SLCODESYS Control for PFC200 SLCODESYS Control for BeagleBone SLCODESYS HMI (SL)CODESYS Control for PLCnext SLCODESYS Development System V3CODESYS Control RTE (SL)CODESYS Control for IOT2000 SLCODESYS Control Runtime System ToolkitCODESYS Safety SIL2 PSPCODESYS Control for PFC100 SLCODESYS Control for Raspberry Pi SL
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-47379
Matching Score-6
Assigner-CERT@VDE
ShareView Details
Matching Score-6
Assigner-CERT@VDE
CVSS Score-8.8||HIGH
EPSS-3.62% / 87.88%
||
7 Day CHG~0.00%
Published-15 May, 2023 | 09:33
Updated-17 Jul, 2025 | 12:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CODESYS: Multiple products prone to out-of-bounds write

An authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can leadĀ to a denial-of-service condition, memory overwriting, or remote code execution.

Action-Not Available
Vendor-CODESYS GmbH
Product-control_for_plcnext_slcontrol_for_beaglebone_slcontrol_win_\(sl\)control_for_pfc200_slsafety_sil2_pspcontrol_for_empc-a\/imx6_slhmi_\(sl\)control_for_wago_touch_panels_600_slsafety_sil2_runtime_toolkitcontrol_rte_\(sl\)control_for_raspberry_pi_sldevelopment_system_v3control_for_linux_slcontrol_for_iot2000_slcontrol_runtime_system_toolkitcontrol_for_pfc100_slcontrol_rte_\(for_beckhoff_cx\)_slCODESYS Control Win (SL)CODESYS Safety SIL2 Runtime ToolkitCODESYS Control RTE (for Beckhoff CX) SLCODESYS Control for Linux SLCODESYS Control for emPC-A/iMX6 SLCODESYS Control for WAGO Touch Panels 600 SLCODESYS Control for PFC200 SLCODESYS Control for BeagleBone SLCODESYS HMI (SL)CODESYS Control for PLCnext SLCODESYS Development System V3CODESYS Control RTE (SL)CODESYS Control for IOT2000 SLCODESYS Control Runtime System ToolkitCODESYS Safety SIL2 PSPCODESYS Control for PFC100 SLCODESYS Control for Raspberry Pi SL
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-5105
Matching Score-6
Assigner-Talos
ShareView Details
Matching Score-6
Assigner-Talos
CVSS Score-7.5||HIGH
EPSS-0.20% / 41.21%
||
7 Day CHG~0.00%
Published-26 Mar, 2020 | 14:12
Updated-04 Aug, 2024 | 19:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable memory corruption vulnerability exists in the Name Service Client functionality of 3S-Smart Software Solutions CODESYS GatewayService. A specially crafted packet can cause a large memcpy, resulting in an access violation and termination of the process. An attacker can send a packet to a device running the GatewayService.exe to trigger this vulnerability. All variants of the CODESYS V3 products in all versions prior V3.5.16.10 containing the CmpRouter or CmpRouterEmbedded component are affected, regardless of the CPU type or operating system: CODESYS Control for BeagleBone, CODESYS Control for emPC-A/iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control for PLCnext, CODESYS Control for PFC100, CODESYS Control for PFC200, CODESYS Control for Raspberry Pi, CODESYS Control RTE V3, CODESYS Control RTE V3 (for Beckhoff CX), CODESYS Control Win V3 (also part of the CODESYS Development System setup), CODESYS Control V3 Runtime System Toolkit, CODESYS V3 Embedded Target Visu Toolkit, CODESYS V3 Remote Target Visu Toolkit, CODESYS V3 Safety SIL2, CODESYS Edge Gateway V3, CODESYS Gateway V3, CODESYS HMI V3, CODESYS OPC Server V3, CODESYS PLCHandler SDK, CODESYS V3 Simulation Runtime (part of the CODESYS Development System).

Action-Not Available
Vendor-n/aCODESYS GmbH
Product-codesys3S
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-37557
Matching Score-6
Assigner-CERT@VDE
ShareView Details
Matching Score-6
Assigner-CERT@VDE
CVSS Score-6.5||MEDIUM
EPSS-0.06% / 17.96%
||
7 Day CHG~0.00%
Published-03 Aug, 2023 | 11:06
Updated-09 Oct, 2024 | 20:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CODESYS Heap-based Buffer Overflow in multiple products

After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted remote communication requests can cause the CmpAppBP component to overwrite a heap-based buffer, which can lead to a denial-of-service condition.

Action-Not Available
Vendor-CODESYS GmbH
Product-control_rte_sl_\(for_beckhoff_cx\)development_systemcontrol_for_pfc100_slcontrol_runtime_system_toolkithmicontrol_for_beaglebone_slsafety_sil2control_for_linux_slcontrol_for_pfc200_slcontrol_for_iot2000_slcontrol_for_wago_touch_panels_600_slcontrol_for_raspberry_pi_slcontrol_rte_slcontrol_for_empc-a\/imx6_slcontrol_for_plcnext_slcontrol_win_slCODESYS Control for WAGO Touch Panels 600 SLCODESYS Control for Raspberry Pi SLCODESYS Control for PFC100 SLCODESYS Control Runtime System ToolkitCODESYS Control for BeagleBone SLCODESYS Control for Linux SLCODESYS Control for PLCnext SLCODESYS Control RTE (SL)CODESYS HMI (SL)CODESYS Control for PFC200 SLCODESYS Development System V3CODESYS Safety SIL2 Runtime ToolkitCODESYS Control RTE (for Beckhoff CX) SLCODESYS Control for IOT2000 SLCODESYS Control for emPC-A/iMX6 SLCODESYS Control Win (SL)
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-47382
Matching Score-6
Assigner-CERT@VDE
ShareView Details
Matching Score-6
Assigner-CERT@VDE
CVSS Score-8.8||HIGH
EPSS-3.06% / 86.79%
||
7 Day CHG~0.00%
Published-15 May, 2023 | 09:42
Updated-17 Jul, 2025 | 12:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CODESYS: Multiple products prone to stack based out-of-bounds write

An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can leadĀ to a denial-of-service condition, memory overwriting, or remote code execution.

Action-Not Available
Vendor-CODESYS GmbH
Product-control_for_plcnext_slcontrol_for_beaglebone_slcontrol_win_\(sl\)control_for_pfc200_slsafety_sil2_pspcontrol_for_empc-a\/imx6_slhmi_\(sl\)control_for_wago_touch_panels_600_slsafety_sil2_runtime_toolkitcontrol_rte_\(sl\)control_for_raspberry_pi_sldevelopment_system_v3control_for_linux_slcontrol_for_iot2000_slcontrol_runtime_system_toolkitcontrol_for_pfc100_slcontrol_rte_\(for_beckhoff_cx\)_slCODESYS Control Win (SL)CODESYS Safety SIL2 Runtime ToolkitCODESYS Control RTE (for Beckhoff CX) SLCODESYS Control for Linux SLCODESYS Control for emPC-A/iMX6 SLCODESYS Control for WAGO Touch Panels 600 SLCODESYS Control for PFC200 SLCODESYS Control for BeagleBone SLCODESYS HMI (SL)CODESYS Control for PLCnext SLCODESYS Development System V3CODESYS Control RTE (SL)CODESYS Control for IOT2000 SLCODESYS Control Runtime System ToolkitCODESYS Safety SIL2 PSPCODESYS Control for PFC100 SLCODESYS Control for Raspberry Pi SL
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-18834
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.46% / 64.16%
||
7 Day CHG~0.00%
Published-30 Oct, 2018 | 06:00
Updated-05 Aug, 2024 | 11:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoder_encodeOctetString in mms/asn1/ber_encoder.c.

Action-Not Available
Vendor-mz-automationn/a
Product-libiec61850n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-41736
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.39% / 59.85%
||
7 Day CHG~0.00%
Published-22 Mar, 2022 | 17:23
Updated-04 Aug, 2024 | 03:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Faust v2.35.0 was discovered to contain a heap-buffer overflow in the function realPropagate() at propagate.cpp.

Action-Not Available
Vendor-gramen/a
Product-faustn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2015-5628
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-7.49% / 91.83%
||
7 Day CHG~0.00%
Published-05 Feb, 2020 | 18:46
Updated-06 Aug, 2024 | 06:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquantum R2.85.00 and earlier, Exaquantum/Batch R2.50.30 and earlier, Exapilot R3.96.10 and earlier, Exaplog R3.40.00 and earlier, Exasmoc R4.03.20 and earlier, Exarqe R4.03.20 and earlier, Field Wireless Device OPC Server R2.01.02 and earlier, PRM R3.12.00 and earlier, STARDOM VDS R7.30.01 and earlier, STARDOM OPC Server for Windows R3.40 and earlier, FAST/TOOLS R10.01 and earlier, B/M9000CS R5.05.01 and earlier, B/M9000 VP R7.03.04 and earlier, and FieldMate R1.01 or R1.02 allows remote attackers to execute arbitrary code via a crafted packet.

Action-Not Available
Vendor-yokogawaYokogawa
Product-field_wireless_device_opc_servercentum_cs_1000_firmwareb\/m9000cscentum_vp_firmwareb\/m9000_vpstardom_opc_serverexaquantumexasmocplant_resource_managerfieldmateversatile_data_server_softwarecentum_vpcentum_vp_entrycentum_cs_3000_entry_firmwareprosafe-rscentum_cs_3000_entryexapilotexaquantum\/batchexaopcprosafe-rs_firmwarescada_software_\(fast\/tools\)centum_cs_3000_firmwarecentum_cs_1000exaplogexarqecentum_cs_3000centum_vp_entry_firmwareb\/m9000cs_firmwareb\/m9000_vp_firmwareExasmocCENTUM VP EntryFAST/TOOLSCENTUM VPExaplogExarqeB/M9000CSExaquantumCENTUM CS 3000CENTUM CS 1000B/M9000 VPExaquantum/BatchFieldMateSTARDOM VDSField Wireless Device OPC ServerExaopcProSafe-RSCENTUM CS 3000 EntryPRMSTARDOM OPC Server for WindowsExapilot
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-12603
Matching Score-4
Assigner-a0340c66-c385-4f8b-991b-3d05f6fd5220
ShareView Details
Matching Score-4
Assigner-a0340c66-c385-4f8b-991b-3d05f6fd5220
CVSS Score-2.3||LOW
EPSS-0.05% / 14.80%
||
7 Day CHG~0.00%
Published-01 Nov, 2025 | 18:56
Updated-07 Nov, 2025 | 18:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
/etc/timezone can be Arbitrarily Written

/etc/timezone can be Arbitrarily Written.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

Action-Not Available
Vendor-azure-accessAzure Access Technology
Product-blu-ic2blu-ic4_firmwareblu-ic2_firmwareblu-ic4BLU-IC2BLU-IC4
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-42018
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-5.9||MEDIUM
EPSS-0.33% / 55.60%
||
7 Day CHG~0.00%
Published-08 Mar, 2022 | 11:31
Updated-12 Aug, 2025 | 12:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i801NC, RUGGEDCOM i802, RUGGEDCOM i802NC, RUGGEDCOM i803, RUGGEDCOM i803NC, RUGGEDCOM M2100, RUGGEDCOM M2100F, RUGGEDCOM M2100NC, RUGGEDCOM M2200, RUGGEDCOM M2200F, RUGGEDCOM M2200NC, RUGGEDCOM M969, RUGGEDCOM M969F, RUGGEDCOM M969NC, RUGGEDCOM RMC30, RUGGEDCOM RMC30NC, RUGGEDCOM RMC8388 V4.X, RUGGEDCOM RMC8388 V5.X, RUGGEDCOM RMC8388NC V4.X, RUGGEDCOM RMC8388NC V5.X, RUGGEDCOM RP110, RUGGEDCOM RP110NC, RUGGEDCOM RS1600, RUGGEDCOM RS1600F, RUGGEDCOM RS1600FNC, RUGGEDCOM RS1600NC, RUGGEDCOM RS1600T, RUGGEDCOM RS1600TNC, RUGGEDCOM RS400, RUGGEDCOM RS400F, RUGGEDCOM RS400NC, RUGGEDCOM RS401, RUGGEDCOM RS401NC, RUGGEDCOM RS416, RUGGEDCOM RS416F, RUGGEDCOM RS416NC, RUGGEDCOM RS416NCv2 V4.X, RUGGEDCOM RS416NCv2 V5.X, RUGGEDCOM RS416P, RUGGEDCOM RS416PF, RUGGEDCOM RS416PNC, RUGGEDCOM RS416PNCv2 V4.X, RUGGEDCOM RS416PNCv2 V5.X, RUGGEDCOM RS416Pv2 V4.X, RUGGEDCOM RS416Pv2 V5.X, RUGGEDCOM RS416v2 V4.X, RUGGEDCOM RS416v2 V5.X, RUGGEDCOM RS8000, RUGGEDCOM RS8000A, RUGGEDCOM RS8000ANC, RUGGEDCOM RS8000H, RUGGEDCOM RS8000HNC, RUGGEDCOM RS8000NC, RUGGEDCOM RS8000T, RUGGEDCOM RS8000TNC, RUGGEDCOM RS900, RUGGEDCOM RS900 (32M) V4.X, RUGGEDCOM RS900 (32M) V5.X, RUGGEDCOM RS900F, RUGGEDCOM RS900G, RUGGEDCOM RS900G (32M) V4.X, RUGGEDCOM RS900G (32M) V5.X, RUGGEDCOM RS900GF, RUGGEDCOM RS900GNC, RUGGEDCOM RS900GNC(32M) V4.X, RUGGEDCOM RS900GNC(32M) V5.X, RUGGEDCOM RS900GP, RUGGEDCOM RS900GPF, RUGGEDCOM RS900GPNC, RUGGEDCOM RS900L, RUGGEDCOM RS900LNC, RUGGEDCOM RS900M-GETS-C01, RUGGEDCOM RS900M-GETS-XX, RUGGEDCOM RS900M-STND-C01, RUGGEDCOM RS900M-STND-XX, RUGGEDCOM RS900MNC-GETS-C01, RUGGEDCOM RS900MNC-GETS-XX, RUGGEDCOM RS900MNC-STND-XX, RUGGEDCOM RS900MNC-STND-XX-C01, RUGGEDCOM RS900NC, RUGGEDCOM RS900NC(32M) V4.X, RUGGEDCOM RS900NC(32M) V5.X, RUGGEDCOM RS900W, RUGGEDCOM RS910, RUGGEDCOM RS910L, RUGGEDCOM RS910LNC, RUGGEDCOM RS910NC, RUGGEDCOM RS910W, RUGGEDCOM RS920L, RUGGEDCOM RS920LNC, RUGGEDCOM RS920W, RUGGEDCOM RS930L, RUGGEDCOM RS930LNC, RUGGEDCOM RS930W, RUGGEDCOM RS940G, RUGGEDCOM RS940GF, RUGGEDCOM RS940GNC, RUGGEDCOM RS969, RUGGEDCOM RS969NC, RUGGEDCOM RSG2100, RUGGEDCOM RSG2100 (32M) V4.X, RUGGEDCOM RSG2100 (32M) V5.X, RUGGEDCOM RSG2100F, RUGGEDCOM RSG2100NC, RUGGEDCOM RSG2100NC(32M) V4.X, RUGGEDCOM RSG2100NC(32M) V5.X, RUGGEDCOM RSG2100P, RUGGEDCOM RSG2100P (32M) V4.X, RUGGEDCOM RSG2100P (32M) V5.X, RUGGEDCOM RSG2100PF, RUGGEDCOM RSG2100PNC, RUGGEDCOM RSG2100PNC (32M) V4.X, RUGGEDCOM RSG2100PNC (32M) V5.X, RUGGEDCOM RSG2200, RUGGEDCOM RSG2200F, RUGGEDCOM RSG2200NC, RUGGEDCOM RSG2288 V4.X, RUGGEDCOM RSG2288 V5.X, RUGGEDCOM RSG2288NC V4.X, RUGGEDCOM RSG2288NC V5.X, RUGGEDCOM RSG2300 V4.X, RUGGEDCOM RSG2300 V5.X, RUGGEDCOM RSG2300F, RUGGEDCOM RSG2300NC V4.X, RUGGEDCOM RSG2300NC V5.X, RUGGEDCOM RSG2300P V4.X, RUGGEDCOM RSG2300P V5.X, RUGGEDCOM RSG2300PF, RUGGEDCOM RSG2300PNC V4.X, RUGGEDCOM RSG2300PNC V5.X, RUGGEDCOM RSG2488 V4.X, RUGGEDCOM RSG2488 V5.X, RUGGEDCOM RSG2488F, RUGGEDCOM RSG2488NC V4.X, RUGGEDCOM RSG2488NC V5.X, RUGGEDCOM RSG907R, RUGGEDCOM RSG908C, RUGGEDCOM RSG909R, RUGGEDCOM RSG910C, RUGGEDCOM RSG920P V4.X, RUGGEDCOM RSG920P V5.X, RUGGEDCOM RSG920PNC V4.X, RUGGEDCOM RSG920PNC V5.X, RUGGEDCOM RSL910, RUGGEDCOM RSL910NC, RUGGEDCOM RST2228, RUGGEDCOM RST2228P, RUGGEDCOM RST916C, RUGGEDCOM RST916P. Within a third-party component, whenever memory allocation is requested, the out of bound size is not checked. Therefore, if size exceeding the expected allocation is assigned, it could allocate a smaller buffer instead. If an attacker were to exploit this, they could cause a heap overflow.

Action-Not Available
Vendor-Siemens AG
Product-ruggedcom_rs969ruggedcom_rs910ruggedcom_rsg2100ruggedcom_rsg2300pruggedcom_rs930lruggedcom_rsg907rruggedcom_rsg910cruggedcom_rs416ruggedcom_rs900wruggedcom_i801ruggedcom_rosruggedcom_m2100ruggedcom_rmcruggedcom_i800ruggedcom_rst2228ruggedcom_rs930wruggedcom_rmc8388ruggedcom_rsg2200ruggedcom_rs900ruggedcom_rs401ruggedcom_rs8000truggedcom_rsg909rruggedcom_rp110ruggedcom_rs910lruggedcom_i802ruggedcom_m969ruggedcom_rs910wruggedcom_rsg2100pruggedcom_rs8000ruggedcom_rst916pruggedcom_rs900gpruggedcom_rs900lruggedcom_rmc40ruggedcom_rsl910ruggedcom_rmc41ruggedcom_rsg920pruggedcom_rs920wruggedcom_rs416v2ruggedcom_rs8000aruggedcom_rsg2300ruggedcom_rst916cruggedcom_m2200ruggedcom_rs400ruggedcom_rst2228pruggedcom_rmc20ruggedcom_rs8000hruggedcom_rsg908cruggedcom_i803ruggedcom_rsg2488ruggedcom_rs900gruggedcom_rsg2288ruggedcom_rs920lruggedcom_rs940gruggedcom_rmc30RUGGEDCOM RS8000RUGGEDCOM RS900LRUGGEDCOM RSG2300 V4.XRUGGEDCOM RS900MNC-STND-XX-C01RUGGEDCOM RSG920P V4.XRUGGEDCOM RS401NCRUGGEDCOM RSG2100PNC (32M) V4.XRUGGEDCOM RS920LNCRUGGEDCOM RS910LRUGGEDCOM RS930WRUGGEDCOM RSG2100NC(32M) V5.XRUGGEDCOM RSG2100 (32M) V5.XRUGGEDCOM RSG2288NC V5.XRUGGEDCOM RS416Pv2 V4.XRUGGEDCOM RS1600RUGGEDCOM i801NCRUGGEDCOM RS940GRUGGEDCOM RSG2100NC(32M) V4.XRUGGEDCOM i800NCRUGGEDCOM RS910RUGGEDCOM RSG908CRUGGEDCOM RS8000NCRUGGEDCOM RS400FRUGGEDCOM RS900NC(32M) V4.XRUGGEDCOM RS920LRUGGEDCOM RMC8388 V4.XRUGGEDCOM RS8000HRUGGEDCOM RS900LNCRUGGEDCOM RS8000TRUGGEDCOM RS910NCRUGGEDCOM RS416PFRUGGEDCOM RS900GRUGGEDCOM M2100FRUGGEDCOM RS900M-STND-XXRUGGEDCOM RS900WRUGGEDCOM RMC8388 V5.XRUGGEDCOM RS900MNC-STND-XXRUGGEDCOM RSG2100PNC (32M) V5.XRUGGEDCOM RSG910CRUGGEDCOM RSG2300PFRUGGEDCOM RSG2288 V4.XRUGGEDCOM RS1600NCRUGGEDCOM RS969RUGGEDCOM RS900 (32M) V4.XRUGGEDCOM RSG909RRUGGEDCOM RS416FRUGGEDCOM RS900GPFRUGGEDCOM RSG2100PRUGGEDCOM RS930LNCRUGGEDCOM RS416PRUGGEDCOM RSG920P V5.XRUGGEDCOM RSG2200NCRUGGEDCOM RS8000HNCRUGGEDCOM RSG2300PNC V5.XRUGGEDCOM RSG2288 V5.XRUGGEDCOM RS1600FRUGGEDCOM RS416NCRUGGEDCOM RS930LRUGGEDCOM RSG907RRUGGEDCOM RSG2300P V5.XRUGGEDCOM RS910WRUGGEDCOM RSG2300 V5.XRUGGEDCOM RS940GNCRUGGEDCOM RS900GNCRUGGEDCOM RSG2100P (32M) V4.XRUGGEDCOM RMC8388NC V5.XRUGGEDCOM RS940GFRUGGEDCOM RS910LNCRUGGEDCOM RSG2288NC V4.XRUGGEDCOM RSG2488 V5.XRUGGEDCOM RMC30RUGGEDCOM RS900GFRUGGEDCOM RS8000ANCRUGGEDCOM RMC8388NC V4.XRUGGEDCOM RS1600TRUGGEDCOM M969FRUGGEDCOM RS900G (32M) V5.XRUGGEDCOM RS400NCRUGGEDCOM RS900MNC-GETS-C01RUGGEDCOM RS900M-GETS-C01RUGGEDCOM RSG2488NC V4.XRUGGEDCOM M2200FRUGGEDCOM RP110RUGGEDCOM i801RUGGEDCOM RS416v2 V4.XRUGGEDCOM RS416NCv2 V4.XRUGGEDCOM RS8000TNCRUGGEDCOM RSG2300P V4.XRUGGEDCOM RS416v2 V5.XRUGGEDCOM RS920WRUGGEDCOM RS900FRUGGEDCOM M2200RUGGEDCOM RS900MNC-GETS-XXRUGGEDCOM RSG2300NC V5.XRUGGEDCOM RS900GNC(32M) V4.XRUGGEDCOM RS900RUGGEDCOM RSG2100RUGGEDCOM M969NCRUGGEDCOM RS416PNCRUGGEDCOM RS1600FNCRUGGEDCOM RS400RUGGEDCOM RS900NC(32M) V5.XRUGGEDCOM RS1600TNCRUGGEDCOM RS900G (32M) V4.XRUGGEDCOM M969RUGGEDCOM RS416PNCv2 V4.XRUGGEDCOM M2200NCRUGGEDCOM RS8000ARUGGEDCOM i803RUGGEDCOM RSG2100PNCRUGGEDCOM RSG920PNC V5.XRUGGEDCOM RSG2100NCRUGGEDCOM RSG2488FRUGGEDCOM RP110NCRUGGEDCOM RSG2200RUGGEDCOM RSG2488NC V5.XRUGGEDCOM RSL910NCRUGGEDCOM RS969NCRUGGEDCOM RS416RUGGEDCOM RST2228PRUGGEDCOM i800RUGGEDCOM RS900M-STND-C01RUGGEDCOM RS900M-GETS-XXRUGGEDCOM RST916PRUGGEDCOM RS416PNCv2 V5.XRUGGEDCOM RS416NCv2 V5.XRUGGEDCOM RSG2100 (32M) V4.XRUGGEDCOM RSL910RUGGEDCOM RSG2100PFRUGGEDCOM RS900GPRUGGEDCOM RST916CRUGGEDCOM RS900GPNCRUGGEDCOM RSG2100FRUGGEDCOM RSG2488 V4.XRUGGEDCOM i802RUGGEDCOM RS900GNC(32M) V5.XRUGGEDCOM RST2228RUGGEDCOM RS401RUGGEDCOM RSG2300NC V4.XRUGGEDCOM RSG920PNC V4.XRUGGEDCOM i802NCRUGGEDCOM i803NCRUGGEDCOM M2100RUGGEDCOM RSG2300FRUGGEDCOM RSG2300PNC V4.XRUGGEDCOM RS900NCRUGGEDCOM RS416Pv2 V5.XRUGGEDCOM RMC30NCRUGGEDCOM RS900 (32M) V5.XRUGGEDCOM RSG2200FRUGGEDCOM M2100NCRUGGEDCOM RSG2100P (32M) V5.X
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-20227
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-9.3||CRITICAL
EPSS-0.08% / 23.43%
||
7 Day CHG~0.00%
Published-28 Mar, 2026 | 11:58
Updated-08 Apr, 2026 | 19:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
JAD 1.5.8e-1kali1 Stack-Based Buffer Overflow

JAD Java Decompiler 1.5.8e-1kali1 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying overly long input that exceeds buffer boundaries. Attackers can craft malicious input passed to the jad command to overflow the stack and execute a return-oriented programming chain that spawns a shell.

Action-Not Available
Vendor-varaneckasVaraneckas
Product-jad_java_decompilerJAD Java Decompiler
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-51971
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.24% / 47.49%
||
7 Day CHG~0.00%
Published-10 Jan, 2024 | 00:00
Updated-03 Jun, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function getIptvInfo.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ax1803ax1803_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-51962
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.26% / 48.83%
||
7 Day CHG~0.00%
Published-10 Jan, 2024 | 00:00
Updated-17 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function setIptvInfo.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ax1803_firmwareax1803n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-51965
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.24% / 47.49%
||
7 Day CHG~0.00%
Published-10 Jan, 2024 | 00:00
Updated-20 Jun, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function setIptvInfo.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ax1803_firmwareax1803n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-51969
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.26% / 48.83%
||
7 Day CHG~0.00%
Published-10 Jan, 2024 | 00:00
Updated-20 Jun, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function getIptvInfo.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ax1803_firmwareax1803n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-52309
Matching Score-4
Assigner-Baidu, Inc.
ShareView Details
Matching Score-4
Assigner-Baidu, Inc.
CVSS Score-8.2||HIGH
EPSS-0.13% / 32.07%
||
7 Day CHG~0.00%
Published-03 Jan, 2024 | 08:14
Updated-06 Sep, 2024 | 17:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Heap buffer overflow in paddle.repeat_interleave

Heap buffer overflow in paddle.repeat_interleaveĀ in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, information disclosure, or more damage is possible.

Action-Not Available
Vendor-paddlepaddlePaddlePaddle
Product-paddlepaddlePaddlePaddle
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-51954
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.24% / 47.49%
||
7 Day CHG~0.00%
Published-10 Jan, 2024 | 00:00
Updated-03 Jun, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function formSetIptv.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ax1803ax1803_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-51967
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.26% / 48.83%
||
7 Day CHG~0.00%
Published-10 Jan, 2024 | 00:00
Updated-20 Jun, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function getIptvInfo.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ax1803_firmwareax1803n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-51952
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.24% / 47.49%
||
7 Day CHG~0.00%
Published-10 Jan, 2024 | 00:00
Updated-20 Jun, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function formSetIptv.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ax1803_firmwareax1803n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-51961
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.24% / 47.49%
||
7 Day CHG~0.00%
Published-10 Jan, 2024 | 00:00
Updated-03 Sep, 2024 | 21:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function formGetIptv.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ax1803_firmwareax1803n/aax1803_firmware
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-51970
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.26% / 48.83%
||
7 Day CHG~0.00%
Published-10 Jan, 2024 | 00:00
Updated-20 Jun, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function formSetIptv.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ax1803_firmwareax1803n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-51889
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.95% / 86.54%
||
7 Day CHG~0.00%
Published-24 Jan, 2024 | 00:00
Updated-16 Jun, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack Overflow vulnerability in the validate() function in Mathtex v.1.05 and before allows a remote attacker to execute arbitrary code via crafted string in the application URL.

Action-Not Available
Vendor-ctann/a
Product-mathtexn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-52370
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-9.8||CRITICAL
EPSS-0.11% / 29.51%
||
7 Day CHG~0.00%
Published-18 Feb, 2024 | 03:41
Updated-24 Apr, 2025 | 15:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack overflow vulnerability in the network acceleration module.Successful exploitation of this vulnerability may cause unauthorized file access.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosEMUIHarmonyOSharmonyosemui
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 51
  • 52
  • Next
Details not found