VDE-2023-022
Aug. 3, 2023, 12:52 nachm.
The Notification Center of the CODESYS Development System receives messages without ensuring that the message was not modified during transmission. This finally enables MITMs code execution when the user clicks …
VDE-2023-021
Aug. 3, 2023, 12:48 nachm.
The CODESYS Development System is vulnerable to the execution of malicious binaries from the current working directory.
VDE-2023-019
Aug. 3, 2023, 12:42 nachm.
CODESYS Control V3 runtime systems are affected by several security vulnerabilities in the communication server implementations for the CODESYS protocol. These may be exploited by authenticated attackers.
VDE-2023-026
Mai 22, 2025, 3:03 nachm.
Multiple WAGO devices are prone to vulnerabilites in the used CODESYS V3 framework.
VDE-2023-014
Juli 31, 2023, 9:00 vorm.
A vulnerability allows Bluetooth LE pairing traffic to be sniffed and used to bypass authentication for pairing.
VDE-2023-024
Juli 28, 2023, 9:45 vorm.
In CODESYS Development System 3.5.9.0 to 3.5.17.0 and CODESYS Scripting 4.0.0.0 to 4.1.0.0 unsafe directory permissions would allow an attacker with local access to the workstation to place potentially harmful …
VDE-2023-011
Juli 5, 2023, 10:00 vorm.
Frauscher Diagnostic System FDS001 for FAdC R1 and FAdCi R1 v1.3.3 and all previous versions are vulnerable to a path traversal vulnerability of the web interface by a crafted URL …
VDE-2023-006
Juli 8, 2024, 12:00 nachm.
An authenticated attacker can send a malformed packet to trigger a device crash via the CODESYS V2 runtime commands parsing. Update: 08.07.2024 release date of the updates has been changed.