VDE-2025-013
Juni 5, 2025, 3:31 nachm.
The CODESYS Gateway enables communication between CODESYS runtimes and other clients, primarily the CODESYS Development System V3. It is usually installed as a part of the CODESYS Development System V3 …
VDE-2025-015
Juni 5, 2025, 3:31 nachm.
A low privileged attacker with physical access to a controller, that supports removable media and is running a CODESYS Control runtime system, can exploit the insufficient path validation by connecting …
VDE-2025-001
Juni 5, 2025, 3:31 nachm.
The CODESYS Key USB dongle, which is based on WIBU CodeMeter technology, is affected by a physical side-channel vulnerability.
VDE-2024-057
April 3, 2025, 12:00 nachm.
The CODESYS web server component of the CODESYS Control runtime system is used by the CODESYS WebVisu to display visualization screens in a web browser. Receiving a specifically crafted TLS …
VDE-2024-046
Sept. 10, 2024, 4:00 nachm.
The OSCAT Basic library is one of several libraries developed and provided by OSCAT. OSCAT (oscat.de) stands for "Open Source Community for Automation Technology". The OSCAT Basic library offers function …
VDE-2024-026
Mai 14, 2025, 3:00 nachm.
The CODESYS OPC UA stack of the CODESYS Control runtime system may incorrectly calculate the required buffer size for received requests/responses. This can lead to a crash of the CODESYS …
VDE-2024-027
Mai 14, 2025, 3:00 nachm.
All legitimate local Microsoft Windows users can read or modify files that are located in the working directory of the affected CODESYS products, even if they are executed under a …
VDE-2024-024
Mai 14, 2025, 3:00 nachm.
Local attackers can cause affected CODESYS Development System V2.3 installations to crash or execute code by opening malicious project files. The CODESYS Development System V2.3 is an IEC 61131-3 programming …