Vulnerabilities > Codesys > Safety Sil2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-03 | CVE-2023-37551 | Unspecified vulnerability in Codesys products In multiple Codesys products in multiple versions, after successful authentication as a user, specially crafted network communication requests can utilize the CmpApp component to download files with any file extensions to the controller. | 6.5 |
| 2023-08-03 | CVE-2023-37552 | Unspecified vulnerability in Codesys products In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. | 6.5 |
| 2023-03-23 | CVE-2022-4224 | Unspecified vulnerability in Codesys products In multiple products of CODESYS v3 in multiple versions a remote low privileged user could utilize this vulnerability to read and modify system files and OS resources or DoS the device. | 8.8 |
| 2020-01-24 | CVE-2020-7052 | Allocation of Resources Without Limits or Throttling vulnerability in Codesys products CODESYS Control V3, Gateway V3, and HMI V3 before 3.5.15.30 allow uncontrolled memory allocation which can result in a remote denial of service condition. | 6.5 |
| 2019-09-17 | CVE-2019-9009 | Improper Handling of Exceptional Conditions vulnerability in Codesys products An issue was discovered in 3S-Smart CODESYS before 3.5.15.0 . | 7.5 |
| 2019-02-19 | CVE-2018-20026 | Unspecified vulnerability in Codesys products Improper Communication Address Filtering exists in CODESYS V3 products versions prior V3.5.14.0. | 7.5 |
| 2019-02-19 | CVE-2018-20025 | Use of Insufficiently Random Values vulnerability in Codesys products Use of Insufficiently Random Values exists in CODESYS V3 products versions prior V3.5.14.0. | 7.5 |