CVE-2021-34596 - Vulnerability Details

A crafted request may cause a read access to an uninitialized pointer in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00236.

Key SSVC decision points have not yet been added.

Vendors	Products
Codesys	Codesys Plcwinnt Runtime Toolkit
Wago	750-8202 750-8202 Firmware 750-8203 750-8203 Firmware 750-8204 750-8204 Firmware 750-8206 750-8206 Firmware 750-8207 750-8207 Firmware 750-8208 750-8208 Firmware 750-8210 750-8210 Firmware 750-8211 750-8211 Firmware 750-8212 750-8212 Firmware 750-8213 750-8213 Firmware 750-8214 750-8214 Firmware 750-8216 750-8216 Firmware 750-8217 750-8217 Firmware 750-823 750-823 Firmware 750-829 750-829 Firmware 750-831 750-831 Firmware 750-832 750-832 Firmware 750-852 750-852 Firmware 750-862 750-862 Firmware 750-880 750-880 Firmware 750-881 750-881 Firmware 750-882 750-882 Firmware 750-885 750-885 Firmware 750-889 750-889 Firmware 750-890 750-890 Firmware 750-891 750-891 Firmware 750-893 750-893 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:wago:750-823_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-823:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:wago:750-829_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-829:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:wago:750-831_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-831:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:wago:750-832_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-832:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:wago:750-852_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-852:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:wago:750-862_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-862:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:wago:750-880_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-880:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:wago:750-881_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-881:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:wago:750-882_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-882:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:wago:750-885_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-885:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:wago:750-889_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-889:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:wago:750-890_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-890:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:wago:750-891_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-891:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:wago:750-893_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-893:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:wago:750-8202_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-8202:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:wago:750-8203_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-8203:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:wago:750-8204_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-8204:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:wago:750-8206_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-8206:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:wago:750-8207_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-8207:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:wago:750-8208_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-8208:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:wago:750-8210_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-8210:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:wago:750-8211_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-8211:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:wago:750-8212_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-8212:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:wago:750-8213_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-8213:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:wago:750-8214_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-8214:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:wago:750-8216_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-8216:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:wago:750-8217_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:wago:750-8217:-:*:*:*:*:*:*:*

Configuration 28 [-]

OR	cpe:2.3:a:codesys:codesys::::::::
	cpe:2.3:a:codesys:plcwinnt::::::::
	cpe:2.3:a:codesys:runtime_toolkit:::::::x86:*

No data.

Fixes

Solution

CODESYS GmbH has released the following product versions to solve the noted vulnerability issue for the affected CODESYS products: * CODESYS Runtime Toolkit 32 bit full version V2.4.7.56 * CODESYS PLCWinNT version V2.4.7.56. This will also be part of the CODESYS Development System setup version V2.3.9.68.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=16878&token=e5644ec405590e66aefa62304cb8632df9fc9e9c&download=

History

Fri, 15 Aug 2025 20:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Codesys codesys Wago Wago 750-8202 Wago 750-8202 Firmware Wago 750-8203 Wago 750-8203 Firmware Wago 750-8204 Wago 750-8204 Firmware Wago 750-8206 Wago 750-8206 Firmware Wago 750-8207 Wago 750-8207 Firmware Wago 750-8208 Wago 750-8208 Firmware Wago 750-8210 Wago 750-8210 Firmware Wago 750-8211 Wago 750-8211 Firmware Wago 750-8212 Wago 750-8212 Firmware Wago 750-8213 Wago 750-8213 Firmware Wago 750-8214 Wago 750-8214 Firmware Wago 750-8216 Wago 750-8216 Firmware Wago 750-8217 Wago 750-8217 Firmware Wago 750-823 Wago 750-823 Firmware Wago 750-829 Wago 750-829 Firmware Wago 750-831 Wago 750-831 Firmware Wago 750-832 Wago 750-832 Firmware Wago 750-852 Wago 750-852 Firmware Wago 750-862 Wago 750-862 Firmware Wago 750-880 Wago 750-880 Firmware Wago 750-881 Wago 750-881 Firmware Wago 750-882 Wago 750-882 Firmware Wago 750-885 Wago 750-885 Firmware Wago 750-889 Wago 750-889 Firmware Wago 750-890 Wago 750-890 Firmware Wago 750-891 Wago 750-891 Firmware Wago 750-893 Wago 750-893 Firmware
CPEs		cpe:2.3:a:codesys:codesys:::::::: cpe:2.3:h:wago:750-8202:-:::::::* cpe:2.3:h:wago:750-8203:-:::::::* cpe:2.3:h:wago:750-8204:-:::::::* cpe:2.3:h:wago:750-8206:-:::::::* cpe:2.3:h:wago:750-8207:-:::::::* cpe:2.3:h:wago:750-8208:-:::::::* cpe:2.3:h:wago:750-8210:-:::::::* cpe:2.3:h:wago:750-8211:-:::::::* cpe:2.3:h:wago:750-8212:-:::::::* cpe:2.3:h:wago:750-8213:-:::::::* cpe:2.3:h:wago:750-8214:-:::::::* cpe:2.3:h:wago:750-8216:-:::::::* cpe:2.3:h:wago:750-8217:-:::::::* cpe:2.3:h:wago:750-823:-:::::::* cpe:2.3:h:wago:750-829:-:::::::* cpe:2.3:h:wago:750-831:-:::::::* cpe:2.3:h:wago:750-832:-:::::::* cpe:2.3:h:wago:750-852:-:::::::* cpe:2.3:h:wago:750-862:-:::::::* cpe:2.3:h:wago:750-880:-:::::::* cpe:2.3:h:wago:750-881:-:::::::* cpe:2.3:h:wago:750-882:-:::::::* cpe:2.3:h:wago:750-885:-:::::::* cpe:2.3:h:wago:750-889:-:::::::* cpe:2.3:h:wago:750-890:-:::::::* cpe:2.3:h:wago:750-891:-:::::::* cpe:2.3:h:wago:750-893:-:::::::* cpe:2.3:o:wago:750-8202_firmware:::::::: cpe:2.3:o:wago:750-8203_firmware:::::::: cpe:2.3:o:wago:750-8204_firmware:::::::: cpe:2.3:o:wago:750-8206_firmware:::::::: cpe:2.3:o:wago:750-8207_firmware:::::::: cpe:2.3:o:wago:750-8208_firmware:::::::: cpe:2.3:o:wago:750-8210_firmware:::::::: cpe:2.3:o:wago:750-8211_firmware:::::::: cpe:2.3:o:wago:750-8212_firmware:::::::: cpe:2.3:o:wago:750-8213_firmware:::::::: cpe:2.3:o:wago:750-8214_firmware:::::::: cpe:2.3:o:wago:750-8216_firmware:::::::: cpe:2.3:o:wago:750-8217_firmware:::::::: cpe:2.3:o:wago:750-823_firmware:::::::: cpe:2.3:o:wago:750-829_firmware:::::::: cpe:2.3:o:wago:750-831_firmware:::::::: cpe:2.3:o:wago:750-832_firmware:::::::: cpe:2.3:o:wago:750-852_firmware:::::::: cpe:2.3:o:wago:750-862_firmware:::::::: cpe:2.3:o:wago:750-880_firmware:::::::: cpe:2.3:o:wago:750-881_firmware:::::::: cpe:2.3:o:wago:750-882_firmware:::::::: cpe:2.3:o:wago:750-885_firmware:::::::: cpe:2.3:o:wago:750-889_firmware:::::::: cpe:2.3:o:wago:750-890_firmware:::::::: cpe:2.3:o:wago:750-891_firmware:::::::: cpe:2.3:o:wago:750-893_firmware::::::::
Vendors & Products		Codesys codesys Wago Wago 750-8202 Wago 750-8202 Firmware Wago 750-8203 Wago 750-8203 Firmware Wago 750-8204 Wago 750-8204 Firmware Wago 750-8206 Wago 750-8206 Firmware Wago 750-8207 Wago 750-8207 Firmware Wago 750-8208 Wago 750-8208 Firmware Wago 750-8210 Wago 750-8210 Firmware Wago 750-8211 Wago 750-8211 Firmware Wago 750-8212 Wago 750-8212 Firmware Wago 750-8213 Wago 750-8213 Firmware Wago 750-8214 Wago 750-8214 Firmware Wago 750-8216 Wago 750-8216 Firmware Wago 750-8217 Wago 750-8217 Firmware Wago 750-823 Wago 750-823 Firmware Wago 750-829 Wago 750-829 Firmware Wago 750-831 Wago 750-831 Firmware Wago 750-832 Wago 750-832 Firmware Wago 750-852 Wago 750-852 Firmware Wago 750-862 Wago 750-862 Firmware Wago 750-880 Wago 750-880 Firmware Wago 750-881 Wago 750-881 Firmware Wago 750-882 Wago 750-882 Firmware Wago 750-885 Wago 750-885 Firmware Wago 750-889 Wago 750-889 Firmware Wago 750-890 Wago 750-890 Firmware Wago 750-891 Wago 750-891 Firmware Wago 750-893 Wago 750-893 Firmware

MITRE

Status: PUBLISHED

Assigner: CERTVDE

Published: 2021-10-26T09:55:54.408529Z

Updated: 2024-09-16T22:40:47.921Z

Reserved: 2021-06-10T00:00:00

Link: CVE-2021-34596

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-10-26T10:15:08.127

Modified: 2025-08-15T20:24:15.653

Link: CVE-2021-34596

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object