GCVE - cpe:2.3:a:codesys:control_rte:*:*:*:*:*:beckhoff_cx:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:codesys:control_rte:*:*:*:*:*:beckhoff_cx:*:*

part: a version: * update: *

Vendor	Codesys (`4a5dbd6f-1914-5b18-8641-403ab498c199`)
Product	Control Rte (`d5b9045e-cbbc-50bd-98fb-662c55f8fdf1`)
Edition	*
Language	*
Software edition	*
Target software	beckhoff_cx
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2021-36763`	vulnerable	2026-06-03 14:44:59.122717	Details available In CODESYS V3 web server before 3.5.17.10, files or directories are accessible to External Parties. Published: 2021-08-03T15:49:10.000Z Updated: 2024-08-04T01:01:58.779Z Open on db.gcve.eu Reference links https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=16803&token=0b8edf9276dc39ee52f43026c415c5b38085d90a&download=	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-33485`	vulnerable	2026-06-03 14:44:43.308303	Details available CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow. Published: 2021-08-03T15:44:56.000Z Updated: 2026-05-29T14:02:56.628Z Open on db.gcve.eu Reference links https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14805&token=f0b86f99bb302ddd4aadec483aed5f5d3fddbf1a&download=	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-29242`	vulnerable	2026-06-03 14:44:19.825166	Details available CODESYS Control Runtime system before 3.5.17.0 has improper input validation. Attackers can send crafted communication packets to change the router's addressing scheme and may re-route, add, remove or change low level communication packages. Published: 2021-05-03T13:56:06.000Z Updated: 2024-08-03T22:02:51.582Z Open on db.gcve.eu Reference links https://customers.codesys.com/index.php https://www.codesys.com/security/security-reports.html https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14640&token=623b6fceb0579ef0f7505e29beefa5b3f8ac7873&download=	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-7052`	vulnerable	2026-06-03 14:43:05.205911	Details available CODESYS Control V3, Gateway V3, and HMI V3 before 3.5.15.30 allow uncontrolled memory allocation which can result in a remote denial of service condition. Published: 2020-01-24T19:31:59.000Z Updated: 2024-08-04T09:18:02.939Z Open on db.gcve.eu Reference links https://www.tenable.com/security/research/tra-2020-04 https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=12977&token=33f948eed0c2fd69d238d9515779be337ef7592d&download=	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-15806`	vulnerable	2026-06-03 14:41:46.701883	Details available CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Memory Allocation. Published: 2020-07-22T18:14:43.000Z Updated: 2024-08-04T13:30:22.371Z Open on db.gcve.eu Reference links https://www.codesys.com https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=13199&token=3e283c3e73fed61f7c181a7fa1169477efaf0c58&download= https://www.tenable.com/security/research/tra-2020-46	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-10245`	vulnerable	2026-06-03 14:40:59.670334	Details available CODESYS V3 web server before 3.5.15.40, as used in CODESYS Control runtime systems, has a buffer overflow. Published: 2020-03-26T03:45:20.000Z Updated: 2024-08-04T10:58:39.676Z Open on db.gcve.eu Reference links https://www.tenable.com/security/research/tra-2020-16 https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=13078&token=de344ca65252463cc581ef144e0c53bd97b8f211&download=	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.