Product:

Control_win_sl

(Codesys)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 29
Date Id Summary Products Score Patch Annotated
2023-08-03 CVE-2022-4046 In CODESYS Control in multiple versions a improper restriction of operations within the bounds of a memory buffer allow an remote attacker with user privileges to gain full access of the device. Control_for_beaglebone_sl, Control_for_empc\-A\/imx6_sl, Control_for_iot2000_sl, Control_for_linux_sl, Control_for_pfc100_sl, Control_for_pfc200_sl, Control_for_plcnext_sl, Control_for_raspberry_pi_sl, Control_for_wago_touch_panels_600_sl, Control_rte_sl, Control_rte_sl_\(For_beckhoff_cx\), Control_runtime_system_toolkit, Control_win_sl, Hmi_sl 8.8
2023-08-03 CVE-2023-37545 In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37546, CVE-2023-37547, CVE-2023-37548, CVE-2023-37549, CVE-2023-37550 Control_for_beaglebone_sl, Control_for_empc\-A\/imx6_sl, Control_for_iot2000_sl, Control_for_linux_sl, Control_for_pfc100_sl, Control_for_pfc200_sl, Control_for_plcnext_sl, Control_for_raspberry_pi_sl, Control_for_wago_touch_panels_600_sl, Control_rte_sl, Control_rte_sl_\(For_beckhoff_cx\), Control_runtime_system_toolkit, Control_win_sl, Development_system, Hmi, Safety_sil2 6.5
2023-08-03 CVE-2023-37546 In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37547, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550 Control_for_beaglebone_sl, Control_for_empc\-A\/imx6_sl, Control_for_iot2000_sl, Control_for_linux_sl, Control_for_pfc100_sl, Control_for_pfc200_sl, Control_for_plcnext_sl, Control_for_raspberry_pi_sl, Control_for_wago_touch_panels_600_sl, Control_rte_sl, Control_rte_sl_\(For_beckhoff_cx\), Control_runtime_system_toolkit, Control_win_sl, Development_system, Hmi, Safety_sil2 6.5
2023-08-03 CVE-2023-37548 In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37549 and CVE-2023-37550 Control_for_beaglebone_sl, Control_for_empc\-A\/imx6_sl, Control_for_iot2000_sl, Control_for_linux_sl, Control_for_pfc100_sl, Control_for_pfc200_sl, Control_for_plcnext_sl, Control_for_raspberry_pi_sl, Control_for_wago_touch_panels_600_sl, Control_rte_sl, Control_rte_sl_\(For_beckhoff_cx\), Control_runtime_system_toolkit, Control_win_sl, Development_system, Hmi, Safety_sil2 6.5
2023-08-03 CVE-2023-37547 In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550 Control_for_beaglebone_sl, Control_for_empc\-A\/imx6_sl, Control_for_iot2000_sl, Control_for_linux_sl, Control_for_pfc100_sl, Control_for_pfc200_sl, Control_for_plcnext_sl, Control_for_raspberry_pi_sl, Control_for_wago_touch_panels_600_sl, Control_rte_sl, Control_rte_sl_\(For_beckhoff_cx\), Control_runtime_system_toolkit, Control_win_sl, Development_system, Hmi, Safety_sil2 6.5
2023-08-03 CVE-2023-37549 In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37548 and CVE-2023-37550 Control_for_beaglebone_sl, Control_for_empc\-A\/imx6_sl, Control_for_iot2000_sl, Control_for_linux_sl, Control_for_pfc100_sl, Control_for_pfc200_sl, Control_for_plcnext_sl, Control_for_raspberry_pi_sl, Control_for_wago_touch_panels_600_sl, Control_rte_sl, Control_rte_sl_\(For_beckhoff_cx\), Control_runtime_system_toolkit, Control_win_sl, Development_system, Hmi, Safety_sil2 6.5
2023-08-03 CVE-2023-37550 In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37548 and CVE-2023-37549. Control_for_beaglebone_sl, Control_for_empc\-A\/imx6_sl, Control_for_iot2000_sl, Control_for_linux_sl, Control_for_pfc100_sl, Control_for_pfc200_sl, Control_for_plcnext_sl, Control_for_raspberry_pi_sl, Control_for_wago_touch_panels_600_sl, Control_rte_sl, Control_rte_sl_\(For_beckhoff_cx\), Control_runtime_system_toolkit, Control_win_sl, Development_system, Hmi, Safety_sil2 6.5
2019-08-15 CVE-2019-9013 An issue was discovered in 3S-Smart CODESYS V3 products. The application may utilize non-TLS based encryption, which results in user credentials being insufficiently protected during transport. All variants of the following CODESYS V3 products in all versions containing the CmpUserMgr component are affected regardless of the CPU type or operating system: CODESYS Control for BeagleBone, CODESYS Control for emPC-A/iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control... Control_for_beaglebone_sl, Control_for_empc\-A\/imx6_sl, Control_for_iot2000_sl, Control_for_linux_sl, Control_for_pfc100_sl, Control_for_pfc200_sl, Control_rte_sl, Control_win_sl, Development_system, Hmi_sl, Raspberry_pi, Runtime_toolkit 8.8
2019-02-19 CVE-2018-20026 Improper Communication Address Filtering exists in CODESYS V3 products versions prior V3.5.14.0. Control_for_beaglebone_sl, Control_for_empc\-A\/imx6_sl, Control_for_iot2000_sl, Control_for_linux_sl, Control_for_pfc100_sl, Control_for_pfc200_sl, Control_for_raspberry_pi_sl, Control_rte_sl, Control_rte_sl_\(For_beckhoff_cx\), Control_runtime_toolkit, Control_win_sl, Development_system_v3, Gateway, Hmi_sl, Opc_server, Plchandler, Safety_sil2, Targetvisu_sl 7.5
2022-04-07 CVE-2022-22516 The SysDrv3S driver in the CODESYS Control runtime system on Microsoft Windows allows any system user to read and write within restricted memory space. Control_rte_sl, Control_rte_sl_\(For_beckhoff_cx\), Control_win_sl, Development_system 7.8