CVE-2021-29241: Null Pointer Dereference
First published: Mon May 03 2021(Updated: )
CODESYS Gateway 3 before 3.5.16.70 has a NULL pointer dereference that may result in a denial of service (DoS).
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Codesys Control For Beaglebone Sl | >=3.0<4.0.1.0 | |
| Codesys Control For Empc-a\/imx6 Sl | >=3.0<4.0.1.0 | |
| Codesys Control For Iot2000 Sl | >=3.0<4.0.1.0 | |
| Codesys Control For Linux Sl | >=3.0<4.0.1.0 | |
| Codesys Control For Pfc100 Sl | >=3.0<3.5.16.0 | |
| Codesys Control For Pfc200 Sl | >=3.0<3.5.16.0 | |
| Codesys Control For Raspberry Pi Sl | >=3.0<4.0.1.0 | |
| Codesys Control Runtime System Toolkit | >=3.0<3.5.16.70 | |
| CODESYS Development System | >=3.0<3.5.16.70 | |
| Codesys Edge Gateway | >=3.0<3.5.16.70 | |
| Codesys Edge Gateway | >=3.0<4.1.0.0 | |
| CODESYS Gateway | >=3.0<3.5.16.70 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-29241?
CVE-2021-29241 is a vulnerability in CODESYS Gateway 3 before 3.5.16.70 that may result in a denial of service (DoS) due to a NULL pointer dereference.
Which software versions are affected by CVE-2021-29241?
CODESYS Control for Beaglebone SL, CODESYS Control for EMPC-A/IMX6 SL, CODESYS Control for IoT2000 SL, CODESYS Control for Linux SL, CODESYS Control for PFC100 SL, CODESYS Control for PFC200 SL, CODESYS Control for Raspberry Pi SL, CODESYS Control Runtime System Toolkit, CODESYS Development System, and CODESYS Edge Gateway versions between 3.0 and 4.0.1.0 may be affected.
What is the severity of CVE-2021-29241?
CVE-2021-29241 has a severity score of 7.5 (High).
How can I fix CVE-2021-29241?
To fix CVE-2021-29241, update to CODESYS Gateway 3 version 3.5.16.70 or later.
Where can I find more information about CVE-2021-29241?
You can find more information about CVE-2021-29241 in the references provided: [1] [2] [3].
- collector/nvd-index
- agent/references
- agent/weakness
- agent/type
- agent/event
- agent/severity
- agent/author
- agent/description
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/codesys
- canonical/codesys control for beaglebone sl
- version/codesys control for beaglebone sl/3.0
- canonical/codesys control for empc-a\/imx6 sl
- version/codesys control for empc-a\/imx6 sl/3.0
- canonical/codesys control for iot2000 sl
- version/codesys control for iot2000 sl/3.0
- canonical/codesys control for linux sl
- version/codesys control for linux sl/3.0
- canonical/codesys control for pfc100 sl
- version/codesys control for pfc100 sl/3.0
- canonical/codesys control for pfc200 sl
- version/codesys control for pfc200 sl/3.0
- canonical/codesys control for raspberry pi sl
- version/codesys control for raspberry pi sl/3.0
- canonical/codesys control runtime system toolkit
- version/codesys control runtime system toolkit/3.0
- canonical/codesys development system
- version/codesys development system/3.0
- canonical/codesys edge gateway
- version/codesys edge gateway/3.0
- canonical/codesys gateway
- version/codesys gateway/3.0