Vulnerabilities > CVE-2019-19789 - NULL Pointer Dereference vulnerability in Codesys Plcwinnt, Runtime Toolkit and SP Realtime NT

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

codesys

CWE-476

NVD

Published: 2019-12-20

Updated: 2020-01-03

Summary

3S-Smart CODESYS SP Realtime NT before V2.3.7.28, CODESYS Runtime Toolkit 32 bit full before V2.4.7.54, and CODESYS PLCWinNT before V2.4.7.54 allow a NULL pointer dereference.

Vulnerable Configurations

Part	Description	Count
Application	Codesys Codesys SP Realtime NT - Codesys Plcwinnt - Codesys Runtime Toolkit -	3

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=12946&token=edd5d8e821edaf3189d36bb1cac1aa1bfc42351f&download=
https://www.codesys.com