CODESYS CVE Vulnerabilities & CVE List (136)

Products (CPE): — CVEs: 136

CODESYS vulnerability overview

Aggregates CVE and security vulnerability intelligence across all CODESYS-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.

Historical issues mainly involve vendor risk memory corruption and vendor risk buffer overflow and related problems; some flaws may lead to vendor impact file overwrite, affecting vendor surface production workloads scenarios.

Vulnerability distribution trend (last 24 months)

Showing 6180 of 136 CVEs
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2022-32139 In multiple CODESYS products, a low privileged remote attacker may craft a request, which cause an out-of-bounds read, resulting in a denial-of-service condition. User Interaction is not required. [email protected] 6.5 0.95% 2022-06-24 2026-06-17
CVE-2022-32138 In multiple CODESYS products, a remote attacker may craft a request which may cause an unexpected sign extension, resulting in a denial-of-service condition or memory overwrite. [email protected] 8.8 1.10% 2022-06-24 2026-06-17
CVE-2022-32137 In multiple CODESYS products, a low privileged remote attacker may craft a request, which may cause a heap-based buffer overflow, resulting in a denial-of-service condition or memory overwrite. User interaction is not required. [email protected] 8.8 1.29% 2022-06-24 2026-06-17
CVE-2022-32136 In multiple CODESYS products, a low privileged remote attacker may craft a request that cause a read access to an uninitialized pointer, resulting in a denial-of-service. User interaction is not required. [email protected] 6.5 0.95% 2022-06-24 2026-06-17
CVE-2022-31806 In CODESYS V2 PLCWinNT and Runtime Toolkit 32 in versions prior to V2.4.7.57 password protection is not enabled by default and there is no information or prompt to enable password protection at login in case no password is set at the controller. [email protected] 9.8 1.06% 2022-06-24 2026-06-17
CVE-2022-31805 In the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between clients and servers unprotected. [email protected] 7.5 0.95% 2022-06-24 2026-06-17
CVE-2022-31804 The CODESYS Gateway Server V2 does not verifiy that the size of a request is within expected limits. An unauthenticated attacker may allocate an arbitrary amount of memory, which may lead to a crash of the Gateway due to an out-of-memory condition. [email protected] 7.5 1.03% 2022-06-24 2026-06-17
CVE-2022-31803 In CODESYS Gateway Server V2 an insufficient check for the activity of TCP client connections allows an unauthenticated attacker to consume all available TCP connections and prevent legitimate users or clients from establishing a new connection to the CODESYS Gateway Server V2. Existing connections are not affected and therefore remain intact. [email protected] 5.3 1.03% 2022-06-24 2026-06-17
CVE-2022-31802 In CODESYS Gateway Server V2 for versions prior to V2.3.9.38 only a part of the the specified password is been compared to the real CODESYS Gateway password. An attacker may perform authentication by specifying a small password that matches the corresponding part of the longer real CODESYS Gateway password. [email protected] 9.8 1.18% 2022-06-24 2026-06-17
CVE-2022-1965 Multiple products of CODESYS implement a improper error handling. A low privilege remote attacker may craft a request, which is not properly processed by the error handling. In consequence, the file referenced by the request could be deleted. User interaction is not required. [email protected] 8.1 0.98% 2022-06-24 2026-06-17
CVE-2022-22519 A remote, unauthenticated attacker can send a specific crafted HTTP or HTTPS requests causing a buffer over-read resulting in a crash of the webserver of the CODESYS Control runtime system. [email protected] 7.5 1.40% 2022-04-07 2026-06-17
CVE-2022-22518 A bug in CmpUserMgr component can lead to only partially applied security policies. This can result in enabled, anonymous access to components part of the applied security policy. [email protected] 6.5 0.57% 2022-04-07 2026-06-17
CVE-2022-22517 An unauthenticated, remote attacker can disrupt existing communication channels between CODESYS products by guessing a valid channel ID and injecting packets. This results in the communication channel to be closed. [email protected] 7.5 1.27% 2022-04-07 2026-06-17
CVE-2022-22516 The SysDrv3S driver in the CODESYS Control runtime system on Microsoft Windows allows any system user to read and write within restricted memory space. [email protected] 7.8 0.25% 2022-04-07 2026-06-17
CVE-2022-22515 A remote, authenticated attacker could utilize the control program of the CODESYS Control runtime system to use the vulnerability in order to read and modify the configuration file(s) of the affected products. [email protected] 8.1 1.07% 2022-04-07 2026-06-17
CVE-2022-22514 An authenticated, remote attacker can gain access to a dereferenced pointer contained in a request. The accesses can subsequently lead to local overwriting of memory in the CmpTraceMgr, whereby the attacker can neither gain the values read internally nor control the values to be written. If invalid memory is accessed, this results in a crash. [email protected] 7.1 0.86% 2022-04-07 2026-06-17
CVE-2022-22513 An authenticated remote attacker can cause a null pointer dereference in the CmpSettings component of the affected CODESYS products which leads to a crash. [email protected] 6.5 0.97% 2022-04-07 2026-06-17
CVE-2022-22510 Codesys Profinet in version V4.2.0.0 is prone to null pointer dereference that allows a denial of service (DoS) attack of an unauthenticated user via SNMP. [email protected] 7.5 0.96% 2022-02-02 2026-06-17
CVE-2021-34599 Affected versions of CODESYS Git in Versions prior to V1.1.0.0 lack certificate validation in HTTPS handshakes. CODESYS Git does not implement certificate validation by default, so it does not verify that the server provides a valid and trusted HTTPS certificate. Since the certificate of the server to which the connection is made is not properly verified, the server connection is vulnerable to a man-in-the-middle attack. [email protected] 7.4 0.46% 2021-12-01 2026-06-16
CVE-2021-34596 A crafted request may cause a read access to an uninitialized pointer in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition. [email protected] 6.5 0.83% 2021-10-26 2026-06-16
cvelogic Threat Intelligence