Product:

Control_for_pfc100

(Codesys)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 12
Date Id Summary Products Score Patch Annotated
2022-12-26 CVE-2020-12069 In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm. This can be used by a local attacker with low privileges to gain full control of the device. Control_for_beaglebone, Control_for_empc\-A\/imx6, Control_for_iot2000, Control_for_linux, Control_for_pfc100, Control_for_pfc200, Control_for_plcnext, Control_for_raspberry_pi, Control_rte_v3, Control_v3_runtime_system_toolkit, Control_win_v3, Hmi_v3, V3_simulation_runtime, Controller_cecc\-D_firmware, Controller_cecc\-Lk_firmware, Controller_cecc\-S_firmware, Pmc, 750\-8100_firmware, 750\-8101_firmware, 750\-8102_firmware, 750\-8202_firmware, 750\-8203_firmware, 750\-8204_firmware, 750\-8206_firmware, 750\-8207_firmware, 750\-8210_firmware, 750\-8211_firmware, 750\-8212_firmware, 750\-8213_firmware, 750\-8214_firmware, 750\-8215_firmware, 750\-8216_firmware, 750\-8217_firmware, 752\-8303\/8000\-0002_firmware, 762\-4201\/8000\-001_firmware, 762\-4202\/8000\-001_firmware, 762\-4203\/8000\-001_firmware, 762\-4204\/8000\-001_firmware, 762\-4205\/8000\-001_firmware, 762\-4205\/8000\-002_firmware, 762\-4206\/8000\-001_firmware, 762\-4206\/8000\-002_firmware, 762\-4301\/8000\-002_firmware, 762\-4302\/8000\-002_firmware, 762\-4303\/8000\-002_firmware, 762\-4304\/8000\-002_firmware, 762\-4305\/8000\-002_firmware, 762\-4306\/8000\-002_firmware, 762\-5203\/8000\-001_firmware, 762\-5204\/8000\-001_firmware, 762\-5205\/8000\-001_firmware, 762\-5206\/8000\-001_firmware, 762\-5303\/8000\-002_firmware, 762\-5304\/8000\-002_firmware, 762\-5305\/8000\-002_firmware, 762\-5306\/8000\-002_firmware, 762\-6201\/8000\-001_firmware, 762\-6202\/8000\-001_firmware, 762\-6203\/8000\-001_firmware, 762\-6204\/8000\-001_firmware, 762\-6301\/8000\-002_firmware, 762\-6302\/8000\-002_firmware, 762\-6303\/8000\-002_firmware, 762\-6304\/8000\-002_firmware 7.8
2023-03-23 CVE-2018-25048 The CODESYS runtime system in multiple versions allows an remote low privileged attacker to use a path traversal vulnerability to access and modify all system files as well as DoS the device. Control_for_beaglebone, Control_for_empc\-A\/imx6, Control_for_iot2000, Control_for_pfc100, Control_for_pfc200, Control_for_raspberry_pi, Control_rte, Control_v3_runtime_system_toolkit, Control_win, Embedded_target_visu_toolkit, Hmi, Remote_target_visu_toolkit, Runtime_plcwinnt, Runtime_system_toolkit, Simulation_runtime 8.8
2019-09-17 CVE-2019-9008 An issue was discovered in 3S-Smart CODESYS V3 through 3.5.12.30. A user with low privileges can take full control over the runtime. Control_for_beaglebone, Control_for_empc\-A\/imx6, Control_for_iot2000, Control_for_pfc100, Control_for_pfc200, Control_for_raspberry_pi, Control_rte, Control_win, Hmi, Simulation_runtime 8.8
2019-09-17 CVE-2019-9009 An issue was discovered in 3S-Smart CODESYS before 3.5.15.0 . Crafted network packets cause the Control Runtime to crash. Control_for_beaglebone, Control_for_empc\-A\/imx6, Control_for_iot2000, Control_for_pfc100, Control_for_pfc200, Control_for_raspberry_pi, Control_rte, Control_win, Gateway, Hmi, Linux, Runtime_system_toolkit, Safety_sil2, Simulation_runtime 7.5
2019-09-13 CVE-2019-13548 CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which could cause a stack overflow and create a denial-of-service condition or allow remote code execution. Control_for_beaglebone, Control_for_empc\-A\/imx6, Control_for_iot2000, Control_for_linux, Control_for_pfc100, Control_for_pfc200, Control_for_raspberry_pi, Control_rte, Control_runtime_system_toolkit, Control_win, Embedded_target_visu_toolkit, Hmi, Remote_target_visu_toolkit 9.8
2020-01-24 CVE-2020-7052 CODESYS Control V3, Gateway V3, and HMI V3 before 3.5.15.30 allow uncontrolled memory allocation which can result in a remote denial of service condition. Control_for_beaglebone, Control_for_empc\-A\/imx6, Control_for_iot2000, Control_for_linux, Control_for_pfc100, Control_for_pfc200, Control_for_plcnext, Control_for_raspberry_pi, Control_rte, Control_runtime_system_toolkit, Control_win, Gateway, Hmi, Safety_sil2, Simulation_runtime 6.5
2020-05-14 CVE-2020-12068 An issue was discovered in CODESYS Development System before 3.5.16.0. CODESYS WebVisu and CODESYS Remote TargetVisu are susceptible to privilege escalation. Control_for_beaglebone, Control_for_empc\-A\/imx6, Control_for_iot2000, Control_for_pfc100, Control_for_pfc200, Control_for_plcnext, Control_for_raspberry_pi, Control_rte, Control_runtime_system_toolkit, Control_win, Development_system, Hmi 6.5
2020-07-22 CVE-2020-15806 CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Memory Allocation. Control_for_beaglebone, Control_for_empc\-A\/imx6, Control_for_iot2000, Control_for_linux, Control_for_pfc100, Control_for_pfc200, Control_for_plcnext, Control_for_raspberry_pi, Control_for_wago_touch_panels_600, Control_rte, Control_runtime_system_toolkit, Control_win, Embedded_target_visu_toolkit, Hmi, Remote_target_visu_toolkit, Simulation_runtime 7.5
2020-03-26 CVE-2020-10245 CODESYS V3 web server before 3.5.15.40, as used in CODESYS Control runtime systems, has a buffer overflow. Control_for_beaglebone, Control_for_empc\-A\/imx6, Control_for_iot2000, Control_for_linux, Control_for_pfc100, Control_for_pfc200, Control_for_plcnext, Control_for_raspberry_pi, Control_rte, Control_runtime_system_toolkit, Control_win, Embedded_target_visu_toolkit, Hmi, Remote_target_visu_toolkit N/A
2019-11-20 CVE-2019-18858 CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runtime systems, has a Buffer Overflow. Control_for_beaglebone, Control_for_empc\-A\/imx6, Control_for_iot2000, Control_for_linux, Control_for_pfc100, Control_for_pfc200, Control_for_plcnext, Control_for_raspberry_pi, Control_rte, Control_runtime_system_toolkit, Control_win, Embedded_target_visu_toolkit, Hmi, Remote_target_visu_toolkit N/A