PT-2019-6356 · 3S Smart Software Solutions · Codesys Plcwinnt+2
Publicado
2019-12-18
·
Atualizado
2020-01-03
·
CVE-2019-19789
CVSS v2.0
6.8
Média
| Vetor | AV:N/AC:L/Au:S/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
CODESYS SP Realtime NT versions prior to V2.3.7.28
CODESYS Runtime Toolkit 32 bit full versions prior to V2.4.7.54
CODESYS PLCWinNT versions prior to V2.4.7.54
Description
The issue is related to a NULL pointer dereference in the CODESYS SP Realtime NT, CODESYS Runtime Toolkit, and CODESYS PLCWinNT environments. This could allow a remote attacker to cause a denial of service.
Recommendations
For CODESYS SP Realtime NT versions prior to V2.3.7.28, update to version V2.3.7.28 or later.
For CODESYS Runtime Toolkit 32 bit full versions prior to V2.4.7.54, update to version V2.4.7.54 or later.
For CODESYS PLCWinNT versions prior to V2.4.7.54, update to version V2.4.7.54 or later.
Correção
NULL Pointer Dereference
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Codesys Plcwinnt
Codesys Runtime Toolkit
Codesys Sp Realtime Nt