First published: Fri Jan 24 2020(Updated: )
CODESYS Control V3, Gateway V3, and HMI V3 before 3.5.15.30 allow uncontrolled memory allocation which can result in a remote denial of service condition.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Codesys Control For Beaglebone | <3.5.15.30 | |
Codesys Control For Empc-a\/imx6 | <3.5.15.30 | |
Codesys Control For Iot2000 | <3.5.15.30 | |
Codesys Control For Linux | <3.5.15.30 | |
Codesys Control For Pfc100 | <3.5.15.30 | |
Codesys Control For Pfc200 | <3.5.15.30 | |
Codesys Control For Plcnext | <3.5.15.30 | |
Codesys Control For Raspberry Pi | <3.5.15.30 | |
Codesys Control Rte | >=3.5.8.60<3.5.15.30 | |
Codesys Control Rte | >=3.5.8.60<3.5.15.30 | |
Codesys Control Runtime System Toolkit | >=3.0<3.5.15.30 | |
Codesys Control Win | >=3.5.9.80<3.5.15.30 | |
CODESYS Gateway | >=3.5.15.10<3.5.15.30 | |
Codesys Hmi | >=3.5.10.0<3.5.15.30 | |
Codesys Safety Sil2 | >=3.0<3.5.15.30 | |
Codesys Simulation Runtime | >=3.5.9.40<3.5.15.30 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-7052 is a vulnerability in CODESYS Control V3, Gateway V3, and HMI V3 before 3.5.15.30 that allows uncontrolled memory allocation, leading to a remote denial of service condition.
CODESYS Control V3, Gateway V3, and HMI V3 versions up to 3.5.15.30 are affected by CVE-2020-7052.
CVE-2020-7052 has a severity rating of 6.5, which is categorized as medium.
CVE-2020-7052 can be exploited by an attacker to trigger uncontrolled memory allocation, resulting in a remote denial of service.
Yes, you can find references for CVE-2020-7052 at the following links: [Link 1](https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=12977&token=33f948eed0c2fd69d238d9515779be337ef7592d&download=) and [Link 2](https://www.tenable.com/security/research/tra-2020-04).