In the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between clients and servers unprotected.
AI analysis not yet available
Plain-English explanation, risk summary, and remediation steps will appear here once AI analysis is complete.
No Fix Known
No patch has been released yet. Apply workarounds or mitigations where available.
| Vendor | Product | Versions | Fixed In |
|---|---|---|---|
| codesys | development_system | 2.3.9.69 | - |
| codesys | edge_gateway | 3.5.18.30 | - |
| codesys | gateway | 2.3.9.38 |
Published
CVE disclosed publicly
Last Modified
Most recent update
Indexed to CVEInsight
Added to this platform
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
10
Affected Products
2
References
codesys / development_system
| - |
| codesys | hmi_sl | 3.5.18.30 | - |
| codesys | opc_server | 3.5.18.30 | - |
| codesys | plchandler | 3.5.18.30 | - |
| codesys | plcwinnt | 2.4.7.57 | - |
| codesys | runtime_toolkit | 2.4.7.57 | - |
| codesys | sp_realtime_nt | 2.3.7.30 | - |
| codesys | web_server | 1.1.9.23 | - |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability
Impact