Shodan
Vulnerabilities
Vulnerable Software
Codesys:  >> Development System  >> 3.5.16.0  Security Vulnerabilities
CVE-2021-21863
A unsafe deserialization vulnerability exists in the ComponentModel Profile.FromFile() functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this vulnerability.
CVSS Score
8.8
EPSS Score
0.012
Published
2021-08-05
CVE-2021-21866
A unsafe deserialization vulnerability exists in the ObjectManager.plugin ProfileInformation.ProfileData functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this vulnerability.
CVSS Score
8.8
EPSS Score
0.017
Published
2021-08-02
CVE-2021-21864
A unsafe deserialization vulnerability exists in the ComponentModel ComponentManager.StartupCultureSettings functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this vulnerability.
CVSS Score
7.8
EPSS Score
0.017
Published
2021-08-02
CVE-2021-21865
A unsafe deserialization vulnerability exists in the PackageManagement.plugin ExtensionMethods.Clone() functionality of CODESYS GmbH CODESYS Development System 3.5.16. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this vulnerability.
CVSS Score
8.8
EPSS Score
0.013
Published
2021-08-02
CVE-2021-29240
The Package Manager of CODESYS Development System 3 before 3.5.17.0 does not check the validity of packages before installation and may be used to install CODESYS packages with malicious content.
CVSS Score
7.8
EPSS Score
0.009
Published
2021-05-04
CVE-2021-29239
CODESYS Development System 3 before 3.5.17.0 displays or executes malicious documents or files embedded in libraries without first checking their validity.
CVSS Score
7.8
EPSS Score
0.002
Published
2021-05-03
CVE-2021-29241
CODESYS Gateway 3 before 3.5.16.70 has a NULL pointer dereference that may result in a denial of service (DoS).
CVSS Score
7.5
EPSS Score
0.014
Published
2021-05-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved