VDE-2024-057
April 3, 2025, 12:00 PM
The CODESYS web server component of the CODESYS Control runtime system is used by the CODESYS WebVisu to display visualization screens in a web browser. Receiving a specifically crafted TLS …
VDE-2024-046
Sept. 10, 2024, 4:00 PM
The OSCAT Basic library is one of several libraries developed and provided by OSCAT. OSCAT (oscat.de) stands for "Open Source Community for Automation Technology". The OSCAT Basic library offers function …
VDE-2024-026
May 14, 2025, 3:00 PM
The CODESYS OPC UA stack of the CODESYS Control runtime system may incorrectly calculate the required buffer size for received requests/responses. This can lead to a crash of the CODESYS …
VDE-2024-027
May 14, 2025, 3:00 PM
All legitimate local Microsoft Windows users can read or modify files that are located in the working directory of the affected CODESYS products, even if they are executed under a …
VDE-2024-024
May 14, 2025, 3:00 PM
Local attackers can cause affected CODESYS Development System V2.3 installations to crash or execute code by opening malicious project files. The CODESYS Development System V2.3 is an IEC 61131-3 programming …
VDE-2023-066
Dec. 5, 2023, 3:25 PM
UPDATE 29.02.2024: Removed "This version is planned for January 2024." from Solution as the updated version is released.On CODESYS Control runtimes running on Linux or QNX operating systems, successfully authenticated …
VDE-2023-035
Dec. 5, 2023, 8:00 AM
Several CODESYS setups contain and install vulnerable versions of the WIBU CodeMeter Runtime.
VDE-2023-025
Aug. 3, 2023, 1:18 PM
The CODESYS Control V3 runtime system does not restrict the memory accesses of the PLC application code to the PLC application data and does not sufficiently check the integrity of …