CVE-2021-29241 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 69%

Vendor	Product	Version
codesys	control_for_beaglebone_sl	3.0 ≤ 𝑥 < 4.0.1.0
codesys	control_for_empc-a\/imx6_sl	3.0 ≤ 𝑥 < 4.0.1.0
codesys	control_for_iot2000_sl	3.0 ≤ 𝑥 < 4.0.1.0
codesys	control_for_linux_sl	3.0 ≤ 𝑥 < 4.0.1.0
codesys	control_for_pfc100_sl	3.0 ≤ 𝑥 < 3.5.16.0
codesys	control_for_pfc200_sl	3.0 ≤ 𝑥 < 3.5.16.0
codesys	control_for_raspberry_pi_sl	3.0 ≤ 𝑥 < 4.0.1.0
codesys	control_runtime_system_toolkit	3.0 ≤ 𝑥 < 3.5.16.70
codesys	development_system	3.0 ≤ 𝑥 < 3.5.16.70
codesys	edge_gateway	3.0 ≤ 𝑥 < 3.5.16.70
codesys	edge_gateway	3.0 ≤ 𝑥 < 4.1.0.0
codesys	gateway	3.0 ≤ 𝑥 < 3.5.16.70

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-476 - NULL Pointer Dereference
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

References

https://customers.codesys.com/index.php

https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14637&token=8dbd75ae7553ae3be25e22f741db783b31e14799&download=

https://www.codesys.com/security/security-reports.html

https://customers.codesys.com/index.php

https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=14637&token=8dbd75ae7553ae3be25e22f741db783b31e14799&download=

https://www.codesys.com/security/security-reports.html