First published: Wed Nov 20 2019(Updated: )
CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Control runtime systems, has a Buffer Overflow.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Codesys Control For Beaglebone | <3.5.15.20 | |
Codesys Control For Empc-a\/imx6 | <3.5.15.20 | |
Codesys Control For Iot2000 | <3.5.15.20 | |
Codesys Control For Linux | <3.5.15.20 | |
Codesys Control For Pfc100 | <3.5.15.20 | |
Codesys Control For Pfc200 | <3.5.15.20 | |
Codesys Control For Plcnext | <3.5.15.20 | |
Codesys Control For Raspberry Pi | <3.5.15.20 | |
Codesys Control Rte | <3.5.15.20 | |
Codesys Control Runtime System Toolkit | <3.5.15.20 | |
Codesys Control Win | <3.5.15.20 | |
Codesys Embedded Target Visu Toolkit | <3.5.15.20 | |
Codesys Hmi | <3.5.15.20 | |
Codesys Remote Target Visu Toolkit | <3.5.15.20 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-18858 is a vulnerability in the CODESYS 3 web server, before version 3.5.15.20, that could lead to a buffer overflow.
CVE-2019-18858 has a severity score of 9.8, making it a critical vulnerability.
CODESYS Control runtime systems with versions up to (but not including) 3.5.15.20 are affected by CVE-2019-18858.
To fix CVE-2019-18858, it is recommended to update CODESYS Control runtime systems to version 3.5.15.20 or later.
CVE-2019-18858 is associated with CWE-119 and CWE-120.