Vulnerabilities > CVE-2021-34585 - Unchecked Return Value vulnerability in Codesys

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
codesys
CWE-252

Summary

In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests can trigger a parser error. Since the parser result is not checked under all conditions, a pointer dereference with an invalid address can occur. This leads to a denial of service situation.

Vulnerable Configurations

Part Description Count
Application
Codesys
1

Common Weakness Enumeration (CWE)