This page lists publicly disclosed CVE vulnerabilities affecting codesys control_for_plcnext (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2020-12069 | In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm. This can be used by a local attacker with low privileges to gain full control of the device. | [email protected] | 7.8 | 0.08% | 2022-12-26 | 2025-05-05 |
| CVE-2022-30792 | In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new communication channel connections. Existing connections are not affected. | [email protected] | 7.5 | 0.39% | 2022-07-11 | 2024-11-21 |
| CVE-2022-30791 | In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new TCP connections. Existing connections are not affected. | [email protected] | 7.5 | 0.39% | 2022-07-11 | 2024-11-21 |
| CVE-2020-15806 | CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Memory Allocation. | [email protected] | 7.5 | 0.46% | 2020-07-22 | 2024-11-21 |
| CVE-2020-12068 | An issue was discovered in CODESYS Development System before 3.5.16.0. CODESYS WebVisu and CODESYS Remote TargetVisu are susceptible to privilege escalation. | [email protected] | 6.5 | 0.24% | 2020-05-14 | 2024-11-21 |
| CVE-2020-10245 | CODESYS V3 web server before 3.5.15.40, as used in CODESYS Control runtime systems, has a buffer overflow. | [email protected] | 9.8 | 1.41% | 2020-03-26 | 2024-11-21 |
| CVE-2020-7052 | CODESYS Control V3, Gateway V3, and HMI V3 before 3.5.15.30 allow uncontrolled memory allocation which can result in a remote denial of service condition. | [email protected] | 6.5 | 0.59% | 2020-01-24 | 2024-11-21 |
| CVE-2019-18858 | CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runtime systems, has a Buffer Overflow. | [email protected] | 9.8 | 0.41% | 2019-11-20 | 2024-11-21 |