Vulnerabilities > Codesys > Control WIN

DATE CVE VULNERABILITY TITLE RISK
2019-09-17 CVE-2019-9009 Improper Handling of Exceptional Conditions vulnerability in Codesys products
An issue was discovered in 3S-Smart CODESYS before 3.5.15.0 .
network
low complexity
codesys CWE-755
7.5
2019-09-17 CVE-2019-9008 Incorrect Permission Assignment for Critical Resource vulnerability in Codesys products
An issue was discovered in 3S-Smart CODESYS V3 through 3.5.12.30.
network
low complexity
codesys CWE-732
8.8
2019-09-13 CVE-2019-13548 Out-of-bounds Write vulnerability in Codesys products
CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which could cause a stack overflow and create a denial-of-service condition or allow remote code execution.
network
low complexity
codesys CWE-787
critical
9.8
2019-09-13 CVE-2019-13532 Path Traversal vulnerability in Codesys products
CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which may allow access to files outside the restricted working directory of the controller.
network
low complexity
codesys CWE-22
7.5