Codesys: >> Codesys >> 3.5.9.60 Security Vulnerabilities
An unauthenticated attacker can trick a local user into executing arbitrary code by opening a deliberately manipulated CODESYS project file with a CODESYS development system. This arbitrary code is executed in the user context.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-12-01
3S-Smart Software Solutions GmbH CODESYS V3 Library Manager, all versions prior to 3.5.16.0, allows the system to display active library content without checking its validity, which may allow the contents of manipulated libraries to be displayed or executed. The issue also exists for source libraries, but 3S-Smart Software Solutions GmbH strongly recommends distributing compiled libraries only.
CVSS Score
8.6
EPSS Score
0.002
Published
2019-09-17