Vulnerabilities > Codesys > Runtime Toolkit > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-23 | CVE-2022-4224 | Unspecified vulnerability in Codesys products In multiple products of CODESYS v3 in multiple versions a remote low privileged user could utilize this vulnerability to read and modify system files and OS resources or DoS the device. | 8.8 |
| 2021-10-26 | CVE-2021-34595 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Codesys Plcwinnt and Runtime Toolkit A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition or local memory overwrite. | 8.1 |
| 2021-08-03 | CVE-2021-33486 | Improper Handling of Exceptional Conditions vulnerability in Codesys Runtime Toolkit All versions of the CODESYS V3 Runtime Toolkit for VxWorks from version V3.5.8.0 and before version V3.5.17.10 have Improper Handling of Exceptional Conditions. | 7.5 |
| 2021-05-25 | CVE-2021-30186 | Out-of-bounds Write vulnerability in Codesys Plcwinnt and Runtime Toolkit CODESYS V2 runtime system SP before 2.4.7.55 has a Heap-based Buffer Overflow. | 7.5 |
| 2021-05-25 | CVE-2021-30195 | Out-of-bounds Read vulnerability in Codesys Plcwinnt and Runtime Toolkit CODESYS V2 runtime system before 2.4.7.55 has Improper Input Validation. | 7.5 |
| 2019-08-15 | CVE-2019-9013 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Codesys products An issue was discovered in 3S-Smart CODESYS V3 products. | 8.8 |