Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

plchandler

Source -

NVD

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

3
Related CVEsRelated VendorsRelated AssignersReports
3Vulnerabilities found
CVE-2022-31805
Assigner-CERT@VDE
ShareView Details
Assigner-CERT@VDE
CVSS Score-7.5||HIGH
EPSS-0.44% / 62.49%
||
7 Day CHG~0.00%
Published-24 Jun, 2022 | 07:46
Updated-16 Sep, 2024 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insecure transmission of credentials

In the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between clients and servers unprotected.

Action-Not Available
Vendor-CODESYS GmbH
Product-plchandlerdevelopment_systemhmi_slsp_realtime_ntruntime_toolkitplcwinntopc_servergatewayweb_serveredge_gatewayCODESYS Web serverCODESYS OPC DA Server SLCODESYS PLCWinNTCODESYS HMI (SL)CODESYS PLCHandlerCODESYS Gateway ClientCODESYS Edge Gateway for WindowsCODESYS Gateway ServerCODESYS GatewayCODESYS SP Realtime NTCODESYS Runtime Toolkit 32 bit fullCODESYS Development System
CWE ID-CWE-523
Unprotected Transport of Credentials
CVE-2021-29242
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-7.3||HIGH
EPSS-0.44% / 62.20%
||
7 Day CHG~0.00%
Published-03 May, 2021 | 13:56
Updated-03 Aug, 2024 | 22:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CODESYS Control Runtime system before 3.5.17.0 has improper input validation. Attackers can send crafted communication packets to change the router's addressing scheme and may re-route, add, remove or change low level communication packages.

Action-Not Available
Vendor-n/aCODESYS GmbH
Product-control_rtecontrol_runtime_system_toolkitcontrol_for_pfc100_slhmicontrol_for_beaglebone_slopc_serverremote_target_visu_toolkitgatewaycontrol_for_linux_sledge_gatewaysimulation_runtimeplchandlercontrol_for_pfc200_slembedded_target_visu_toolkitcontrol_for_iot2000_slcontrol_for_wago_touch_panels_600_slcontrol_for_raspberry_pi_slcontrol_for_linux_arm_slcontrol_for_plcnext_slcontrol_for_empc-a\/imx6_slsafety_silcontrol_winn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-20026
Assigner-Kaspersky
ShareView Details
Assigner-Kaspersky
CVSS Score-7.5||HIGH
EPSS-1.43% / 79.88%
||
7 Day CHG~0.00%
Published-19 Feb, 2019 | 21:00
Updated-16 Sep, 2024 | 20:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Communication Address Filtering exists in CODESYS V3 products versions prior V3.5.14.0.

Action-Not Available
Vendor-Kaspersky LabCODESYS GmbH
Product-control_rte_sl_\(for_beckhoff_cx\)hmi_slcontrol_for_pfc100_slcontrol_for_beaglebone_slsafety_sil2gatewaycontrol_runtime_toolkitcontrol_for_linux_slplchandlercontrol_for_pfc200_slcontrol_for_iot2000_sldevelopment_system_v3control_for_raspberry_pi_sltargetvisu_slcontrol_rte_slcontrol_for_empc-a\/imx6_slopc_servercontrol_win_slCODESYS V3 products