Filtered by vendor Codesys
Subscriptions
Total
125 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-6357 | 1 Codesys | 11 Control For Beaglebone Sl, Control For Empc-a\/imx6, Control For Iot2000 Sl and 8 more | 2024-08-02 | 8.8 High |
A low-privileged remote attacker could exploit the vulnerability and inject additional system commands via file system libraries which could give the attacker full control of the device. | ||||
CVE-2023-3662 | 1 Codesys | 1 Development System | 2024-08-02 | 7.3 High |
In CODESYS Development System versions from 3.5.17.0 and prior to 3.5.19.20 a vulnerability allows for execution of binaries from the current working directory in the users context . | ||||
CVE-2023-3669 | 1 Codesys | 1 Development System | 2024-08-02 | 3.3 Low |
A missing Brute-Force protection in CODESYS Development System prior to 3.5.19.20 allows a local attacker to have unlimited attempts of guessing the password within an import dialog. | ||||
CVE-2023-3663 | 1 Codesys | 1 Development System | 2024-08-02 | 8.8 High |
In CODESYS Development System versions from 3.5.11.20 and before 3.5.19.20 a missing integrity check might allow an unauthenticated remote attacker to manipulate the content of notifications received via HTTP by the CODESYS notification server. | ||||
CVE-2023-3670 | 1 Codesys | 2 Development System, Scripting | 2024-08-02 | 7.3 High |
In CODESYS Development System 3.5.9.0 to 3.5.17.0 and CODESYS Scripting 4.0.0.0 to 4.1.0.0 unsafe directory permissions would allow an attacker with local access to the workstation to place potentially harmful and disguised scripts that could be executed by legitimate users. |