Lucene search

[email protected]NVD:CVE-2021-29241

HistoryMay 03, 2021 - 2:15 p.m.

CVE-2021-29241

2021-05-0314:15:07

CWE-476

[email protected]

web.nvd.nist.gov

codesys gateway 3

null pointer dereference

dos

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.002

Percentile

56.7%

JSON

CODESYS Gateway 3 before 3.5.16.70 has a NULL pointer dereference that may result in a denial of service (DoS).

Affected configurations

Nvd

Node

codesyscontrol_for_beaglebone_slRange3.0–4.0.1.0

codesyscontrol_for_empc-a\/imx6_slRange3.0–4.0.1.0

codesyscontrol_for_iot2000_slRange3.0–4.0.1.0

codesyscontrol_for_linux_slRange3.0–4.0.1.0

codesyscontrol_for_pfc100_slRange3.0–3.5.16.0

codesyscontrol_for_pfc200_slRange3.0–3.5.16.0

codesyscontrol_for_raspberry_pi_slRange3.0–4.0.1.0

codesyscontrol_runtime_system_toolkitRange3.0–3.5.16.70

codesysdevelopment_systemRange3.0–3.5.16.70

codesysedge_gatewayRange3.0–3.5.16.70windows

codesysedge_gatewayRange3.0–4.1.0.0linux

codesysgatewayRange3.0–3.5.16.70

VendorProductVersionCPE
codesyscontrol_for_beaglebone_sl*cpe:2.3:a:codesys:control_for_beaglebone_sl:*:*:*:*:*:*:*:*
codesyscontrol_for_empc-a\/imx6_sl*cpe:2.3:a:codesys:control_for_empc-a\/imx6_sl:*:*:*:*:*:*:*:*
codesyscontrol_for_iot2000_sl*cpe:2.3:a:codesys:control_for_iot2000_sl:*:*:*:*:*:*:*:*
codesyscontrol_for_linux_sl*cpe:2.3:a:codesys:control_for_linux_sl:*:*:*:*:*:*:*:*
codesyscontrol_for_pfc100_sl*cpe:2.3:a:codesys:control_for_pfc100_sl:*:*:*:*:*:*:*:*
codesyscontrol_for_pfc200_sl*cpe:2.3:a:codesys:control_for_pfc200_sl:*:*:*:*:*:*:*:*
codesyscontrol_for_raspberry_pi_sl*cpe:2.3:a:codesys:control_for_raspberry_pi_sl:*:*:*:*:*:*:*:*
codesyscontrol_runtime_system_toolkit*cpe:2.3:a:codesys:control_runtime_system_toolkit:*:*:*:*:*:*:*:*
codesysdevelopment_system*cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*
codesysedge_gateway*cpe:2.3:a:codesys:edge_gateway:*:*:*:*:*:windows:*:*

Vendor	Product	Version	CPE
codesys	control_for_beaglebone_sl	*	cpe:2.3:a:codesys:control_for_beaglebone_sl::::::::
codesys	control_for_empc-a\/imx6_sl	*	cpe:2.3:a:codesys:control_for_empc-a\/imx6_sl::::::::
codesys	control_for_iot2000_sl	*	cpe:2.3:a:codesys:control_for_iot2000_sl::::::::
codesys	control_for_linux_sl	*	cpe:2.3:a:codesys:control_for_linux_sl::::::::
codesys	control_for_pfc100_sl	*	cpe:2.3:a:codesys:control_for_pfc100_sl::::::::
codesys	control_for_pfc200_sl	*	cpe:2.3:a:codesys:control_for_pfc200_sl::::::::
codesys	control_for_raspberry_pi_sl	*	cpe:2.3:a:codesys:control_for_raspberry_pi_sl::::::::
codesys	control_runtime_system_toolkit	*	cpe:2.3:a:codesys:control_runtime_system_toolkit::::::::
codesys	development_system	*	cpe:2.3:a:codesys:development_system::::::::
codesys	edge_gateway	*	cpe:2.3:a:codesys:edge_gateway::::::windows::*

Rows per page:

1-10 of 121

References

customers.codesys.com/index.php

customers.codesys.com/index.php?eID=dumpFile&t=f&f=14637&token=8dbd75ae7553ae3be25e22f741db783b31e14799&download=

www.codesys.com/security/security-reports.html

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.002

Percentile

56.7%

JSON

Related for NVD:CVE-2021-29241

prion1 cve1 cvelist1 threatpost1 thn1