This page lists publicly disclosed CVE vulnerabilities affecting codesys control_for_linux_arm_sl (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-41738 | An unauthenticated remote attacker may cause the visualisation server of the CODESYS Control runtime system to access a resource with a pointer of wrong type, potentially leading to a denial-of-service (DoS) condition. | [email protected] | 7.5 | 0.33% | 2025-12-01 | 2026-02-23 |
| CVE-2023-6357 | A low-privileged remote attacker could exploit the vulnerability and inject additional system commands via file system libraries which could give the attacker full control of the device. | [email protected] | 8.8 | 0.96% | 2023-12-05 | 2024-11-21 |
| CVE-2021-29242 | CODESYS Control Runtime system before 3.5.17.0 has improper input validation. Attackers can send crafted communication packets to change the router's addressing scheme and may re-route, add, remove or change low level communication packages. | [email protected] | 7.3 | 1.07% | 2021-05-03 | 2024-11-21 |