Abb Ag

**Name of the Vulnerable Software and Affected Versions** CODESYS Control (affected versions not specified) **Description** Insufficient authorization verification occurs during the deletion of user accounts. An authenticated remote user with low privileges can exploit this flaw to delete other user accounts, including those with higher privilege levels. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CODESYS Control Runtime System (affected versions not specified) **Description** An unauthenticated remote attacker, who exploits a race condition, can trigger an out-of-bounds read via crafted socket communication in the communication servers of the CODESYS Control runtime system. This can potentially cause a denial of service. The issue affects systems running on Linux and QNX. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.