Vulnerabilities > Codesys > Development System > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-08-03 CVE-2023-37556 Unspecified vulnerability in Codesys products
In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition.
network
low complexity
codesys
6.5
2023-08-03 CVE-2023-37557 Out-of-bounds Write vulnerability in Codesys products
After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted remote communication requests can cause the CmpAppBP component to overwrite a heap-based buffer, which can lead to a denial-of-service condition.
network
low complexity
codesys CWE-787
6.5
2023-08-03 CVE-2023-37558 Unspecified vulnerability in Codesys products
After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition.
network
low complexity
codesys
6.5
2023-08-03 CVE-2023-37559 Unspecified vulnerability in Codesys products
After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition.
network
low complexity
codesys
6.5
2023-08-03 CVE-2023-37545 Unspecified vulnerability in Codesys products
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition.
network
low complexity
codesys
6.5
2022-04-07 CVE-2022-22513 NULL Pointer Dereference vulnerability in Codesys products
An authenticated remote attacker can cause a null pointer dereference in the CmpSettings component of the affected CODESYS products which leads to a crash.
network
low complexity
codesys CWE-476
6.5
2020-05-14 CVE-2020-12068 Unspecified vulnerability in Codesys products
An issue was discovered in CODESYS Development System before 3.5.16.0.
network
low complexity
codesys
6.5