CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
69.5%
CODESYS V3 web server before 3.5.15.40, as used in CODESYS Control runtime systems, has a buffer overflow.
Vendor | Product | Version | CPE |
---|---|---|---|
codesys | control_for_beaglebone | * | cpe:2.3:a:codesys:control_for_beaglebone:*:*:*:*:*:*:*:* |
codesys | control_for_empc-a\/imx6 | * | cpe:2.3:a:codesys:control_for_empc-a\/imx6:*:*:*:*:*:*:*:* |
codesys | control_for_iot2000 | * | cpe:2.3:a:codesys:control_for_iot2000:*:*:*:*:*:*:*:* |
codesys | control_for_linux | * | cpe:2.3:a:codesys:control_for_linux:*:*:*:*:*:*:*:* |
codesys | control_for_pfc100 | * | cpe:2.3:a:codesys:control_for_pfc100:*:*:*:*:*:*:*:* |
codesys | control_for_pfc200 | * | cpe:2.3:a:codesys:control_for_pfc200:*:*:*:*:*:*:*:* |
codesys | control_for_plcnext | * | cpe:2.3:a:codesys:control_for_plcnext:*:*:*:*:*:*:*:* |
codesys | control_for_raspberry_pi | * | cpe:2.3:a:codesys:control_for_raspberry_pi:*:*:*:*:*:*:*:* |
codesys | control_rte | * | cpe:2.3:a:codesys:control_rte:*:*:*:*:*:*:*:* |
codesys | control_rte | * | cpe:2.3:a:codesys:control_rte:*:*:*:*:*:beckhoff_cx:*:* |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
69.5%