First published: Mon May 03 2021(Updated: )
CODESYS Gateway 3 before 3.5.16.70 has a NULL pointer dereference that may result in a denial of service (DoS).
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Codesys Control For Beaglebone Sl | >=3.0<4.0.1.0 | |
Codesys Control For Empc-a\/imx6 Sl | >=3.0<4.0.1.0 | |
Codesys Control For Iot2000 Sl | >=3.0<4.0.1.0 | |
Codesys Control For Linux Sl | >=3.0<4.0.1.0 | |
Codesys Control For Pfc100 Sl | >=3.0<3.5.16.0 | |
Codesys Control For Pfc200 Sl | >=3.0<3.5.16.0 | |
Codesys Control For Raspberry Pi Sl | >=3.0<4.0.1.0 | |
Codesys Control Runtime System Toolkit | >=3.0<3.5.16.70 | |
CODESYS Development System | >=3.0<3.5.16.70 | |
Codesys Edge Gateway | >=3.0<3.5.16.70 | |
Codesys Edge Gateway | >=3.0<4.1.0.0 | |
CODESYS Gateway | >=3.0<3.5.16.70 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-29241 is a vulnerability in CODESYS Gateway 3 before 3.5.16.70 that may result in a denial of service (DoS) due to a NULL pointer dereference.
CODESYS Control for Beaglebone SL, CODESYS Control for EMPC-A/IMX6 SL, CODESYS Control for IoT2000 SL, CODESYS Control for Linux SL, CODESYS Control for PFC100 SL, CODESYS Control for PFC200 SL, CODESYS Control for Raspberry Pi SL, CODESYS Control Runtime System Toolkit, CODESYS Development System, and CODESYS Edge Gateway versions between 3.0 and 4.0.1.0 may be affected.
CVE-2021-29241 has a severity score of 7.5 (High).
To fix CVE-2021-29241, update to CODESYS Gateway 3 version 3.5.16.70 or later.
You can find more information about CVE-2021-29241 in the references provided: [1] [2] [3].