Codesys Control for emPC-A//iMX6 3.5.15.40

CPE Details

Codesys Control for emPC-A//iMX6 3.5.15.40
codesys
control_for_empc-a\/imx6
3.5.15.40
2020-03-27
13h53 +00:00
2021-03-17
19h34 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:codesys:control_for_empc-a\/imx6:3.5.15.40:*:*:*:*:*:*:*

Informations

Vendor

codesys

Product

control_for_empc-a\/imx6

Version

3.5.15.40

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-6357 2023-12-05 14h29 +00:00 A low-privileged remote attacker could exploit the vulnerability and inject additional system commands via file system libraries which could give the attacker full control of the device.
8.8
High
CVE-2020-12069 2022-12-25 23h00 +00:00 In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm. This can be used by a local attacker with low privileges to gain full control of the device.
7.8
High
CVE-2022-30792 2022-07-11 10h40 +00:00 In CmpChannelServer of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new communication channel connections. Existing connections are not affected.
7.5
High
CVE-2022-30791 2022-07-11 10h40 +00:00 In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new TCP connections. Existing connections are not affected.
7.5
High
CVE-2020-15806 2020-07-22 16h14 +00:00 CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Memory Allocation.
7.5
High
CVE-2020-12068 2020-05-14 18h29 +00:00 An issue was discovered in CODESYS Development System before 3.5.16.0. CODESYS WebVisu and CODESYS Remote TargetVisu are susceptible to privilege escalation.
6.5
Medium