CVE-2022-32137

Overview

CODESYS
Runtime Toolkit

24 Jun 2022

Published

16 Sep 2024

Updated

CVSS v3.1

HIGH (8.8)

EPSS

1.04%

MITRE

KEV

Description

In multiple CODESYS products, a low privileged remote attacker may craft a request, which may cause a heap-based buffer overflow, resulting in a denial-of-service condition or memory overwrite. User interaction is not required.

Statistics

1 Post
2 Interactions

Last activity: 18 hours ago

Fediverse

CERT@VDE @certvde

#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite

Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669

https://certvde.com/en/advisories/vde-2025-108/

#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json

1
1
0
18h ago

CVE-2022-30792

Overview

CODESYS
CODESYS Control RTE (SL)

11 Jul 2022

Published

16 Sep 2024

Updated

CVSS v3.1

HIGH (7.5)

EPSS

0.54%

MITRE

KEV

Description

In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new communication channel connections. Existing connections are not affected.

Statistics

1 Post
2 Interactions

Last activity: 18 hours ago

Fediverse

CERT@VDE @certvde

#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite

Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669

https://certvde.com/en/advisories/vde-2025-108/

#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json

1
1
0
18h ago

CVE-2022-47391

Overview

CODESYS
CODESYS Control RTE (SL)

15 May 2023

Published

23 Jan 2025

Updated

CVSS v3.1

HIGH (7.5)

EPSS

0.69%

MITRE

KEV

Description

In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use a improper input validation vulnerability to read from invalid addresses leading to a denial of service.

Statistics

1 Post
2 Interactions

Last activity: 18 hours ago

Fediverse

CERT@VDE @certvde

#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite

Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669

https://certvde.com/en/advisories/vde-2025-108/

#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json

1
1
0
18h ago

CVE-2023-37557

Overview

CODESYS
CODESYS Control for BeagleBone SL

03 Aug 2023

Published

09 Oct 2024

Updated

CVSS v3.1

MEDIUM (6.5)

EPSS

0.05%

MITRE

KEV

Description

After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted remote communication requests can cause the CmpAppBP component to overwrite a heap-based buffer, which can lead to a denial-of-service condition.

Statistics

1 Post
2 Interactions

Last activity: 18 hours ago

Fediverse

CERT@VDE @certvde

#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite

Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669

https://certvde.com/en/advisories/vde-2025-108/

#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json

1
1
0
18h ago

CVE-2025-0694

Overview

CODESYS
CODESYS Control for BeagleBone SL

18 Mar 2025

Published

18 Mar 2025

Updated

CVSS v3.1

MEDIUM (6.6)

EPSS

0.10%

MITRE

KEV

Description

Insufficient path validation in CODESYS Control allows low privileged attackers with physical access to gain full filesystem access.

Statistics

1 Post
2 Interactions

Last activity: 18 hours ago

Fediverse

CERT@VDE @certvde

#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite

Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669

https://certvde.com/en/advisories/vde-2025-108/

#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json

1
1
0
18h ago

CVE-2025-41658

Overview

CODESYS
Runtime Toolkit

04 Aug 2025

Published

04 Aug 2025

Updated

CVSS v3.1

MEDIUM (5.5)

EPSS

0.01%

MITRE

KEV

Description

CODESYS Runtime Toolkit-based products may expose sensitive files to local low-privileged operating system users due to default file permissions.

Statistics

1 Post
2 Interactions

Last activity: 18 hours ago

Fediverse

CERT@VDE @certvde

#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite

Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669

https://certvde.com/en/advisories/vde-2025-108/

#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json

1
1
0
18h ago

CVE-2019-13548

Overview

CODESYS V3 web server

13 Sep 2019

Published

04 Aug 2024

Updated

CVSS

Pending

EPSS

2.40%

MITRE

KEV

Description

CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which could cause a stack overflow and create a denial-of-service condition or allow remote code execution.

Statistics

1 Post
2 Interactions

Last activity: 18 hours ago

Fediverse

CERT@VDE @certvde

#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite

Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669

https://certvde.com/en/advisories/vde-2025-108/

#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json

1
1
0
18h ago

CVE-2022-47384

Overview

CODESYS
CODESYS Control RTE (SL)

15 May 2023

Published

05 Mar 2025

Updated

CVSS v3.1

HIGH (8.8)

EPSS

5.42%

MITRE

KEV

Description

An authenticated remote attacker may use a stack based out-of-bounds write vulnerability in the CmpTraceMgr Component of multiple CODESYS products in multiple versions to write data into the stack which can lead to a denial-of-service condition, memory overwriting, or remote code execution.

Statistics

1 Post
2 Interactions

Last activity: 18 hours ago

Fediverse

CERT@VDE @certvde

#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite

Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669

https://certvde.com/en/advisories/vde-2025-108/

#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json

1
1
0
18h ago

CVE-2022-47393

Overview

CODESYS
CODESYS Control RTE (SL)

15 May 2023

Published

05 Mar 2025

Updated

CVSS v3.1

MEDIUM (6.5)

EPSS

0.65%

MITRE

KEV

Description

An authenticated, remote attacker may use a Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple versions of multiple CODESYS products to force a denial-of-service situation.

Statistics

1 Post
2 Interactions

Last activity: 18 hours ago

Fediverse

CERT@VDE @certvde

#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite

Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669

https://certvde.com/en/advisories/vde-2025-108/

#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json

1
1
0
18h ago

CVE-2021-30186

Overview

Pending

25 May 2021

Published

03 Aug 2024

Updated

CVSS

Pending

EPSS

0.45%

MITRE

KEV

Description

CODESYS V2 runtime system SP before 2.4.7.55 has a Heap-based Buffer Overflow.

Statistics

1 Post
2 Interactions

Last activity: 18 hours ago

Fediverse

CERT@VDE @certvde

#OT #Advisory VDE-2025-108
Several CODESYS vulnerabilities in Festo Automation Suite

Starting with Festo Automation Suite (FAS) version 2.8.0.138, the suite is delivered only with a connector to Codesys, rather than including Codesys directly. Prior to this version, Codesys was bundled within the FAS installation. From version 2.8.0.138 onwards, customers are required to download and install Codesys independently.
#CVE CVE-2023-3935, CVE-2022-31806, CVE-2021-33485, CVE-2021-30190, CVE-2021-30188, CVE-2020-14517, CVE-2020-14509, CVE-2020-10245, CVE-2019-9010, CVE-2019-18858, CVE-2019-13548, CVE-2018-10612, CVE-2022-47382, CVE-2023-6357, CVE-2023-3663, CVE-2022-47390, CVE-2022-47389, CVE-2022-47388, CVE-2022-47387, CVE-2022-47386, CVE-2022-47385, CVE-2022-47384, CVE-2022-47383, CVE-2022-47381, CVE-2022-47380, CVE-2022-47379, CVE-2022-4224, CVE-2022-4046, CVE-2022-32143, CVE-2022-32138, CVE-2022-32137, CVE-2019-9013, CVE-2019-9008, CVE-2019-13538, CVE-2025-41659, CVE-2022-32142, CVE-2022-22515, CVE-2022-1965, CVE-2021-34595, CVE-2023-49675, CVE-2022-22516, CVE-2021-29240, CVE-2021-29239, CVE-2021-21869, CVE-2021-21868, CVE-2021-21867, CVE-2021-21866, CVE-2021-21865, CVE-2021-21864, CVE-2021-21863, CVE-2020-12069, CVE-2010-5250, CVE-2022-4048, CVE-2025-1468, CVE-2024-8175, CVE-2024-5000, CVE-2022-47391, CVE-2022-31805, CVE-2022-30792, CVE-2022-30791, CVE-2022-22519, CVE-2022-22517, CVE-2021-36765, CVE-2021-36764, CVE-2021-36763, CVE-2021-34593, CVE-2021-33486, CVE-2021-30195, CVE-2021-30186, CVE-2021-29241, CVE-2020-16233, CVE-2020-15806, CVE-2020-14519, CVE-2020-14515, CVE-2020-14513, CVE-2020-12067, CVE-2019-9012, CVE-2019-9009, CVE-2019-5105, CVE-2019-13532, CVE-2018-20026, CVE-2018-20025, CVE-2023-3670, CVE-2023-3662, CVE-2021-29242, CVE-2022-22514, CVE-2020-11023, CVE-2025-0694, CVE-2023-37559, CVE-2023-37558, CVE-2023-37557, CVE-2023-37556, CVE-2023-37555, CVE-2023-37554, CVE-2023-37553, CVE-2023-37552, CVE-2023-37551, CVE-2023-37550, CVE-2023-37549, CVE-2023-37548, CVE-2023-37547, CVE-2023-37546, CVE-2023-37545, CVE-2022-47393, CVE-2022-47392, CVE-2022-47378, CVE-2022-32141, CVE-2022-32140, CVE-2022-32139, CVE-2022-32136, CVE-2022-22513, CVE-2021-34596, CVE-2020-7052, CVE-2020-12068, CVE-2019-19789, CVE-2019-13542, CVE-2018-0739, CVE-2025-41658, CVE-2023-49676, CVE-2022-1989, CVE-2021-30187, CVE-2019-9011, CVE-2017-3735, CVE-2025-2595, CVE-2022-22508, CVE-2023-3669

https://certvde.com/en/advisories/vde-2025-108/

#CSAF https://festo.csaf-tp.certvde.com/.well-known/csaf/white/2026/fsa-202601.json

1
1
0
18h ago