Vulnerabilities > Codesys > Control FOR Iot2000 > 3.5.15.30

DATE CVE VULNERABILITY TITLE RISK
2022-12-26 CVE-2020-12069 Use of Password Hash With Insufficient Computational Effort vulnerability in multiple products
In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm.
local
low complexity
pilz codesys festo wago CWE-916
7.8
2020-07-22 CVE-2020-15806 Memory Leak vulnerability in Codesys products
CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Memory Allocation.
network
low complexity
codesys CWE-401
7.5
2020-05-14 CVE-2020-12068 Unspecified vulnerability in Codesys products
An issue was discovered in CODESYS Development System before 3.5.16.0.
network
low complexity
codesys
6.5
2020-03-26 CVE-2020-10245 Out-of-bounds Write vulnerability in Codesys products
CODESYS V3 web server before 3.5.15.40, as used in CODESYS Control runtime systems, has a buffer overflow.
network
low complexity
codesys CWE-787
critical
9.8