PT-2019-6356 · 3S Smart Software Solutions · Codesys Plcwinnt+2
Published
2019-12-18
·
Updated
2020-01-03
·
CVE-2019-19789
CVSS v2.0
6.8
Medium
| Vector | AV:N/AC:L/Au:S/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
CODESYS SP Realtime NT versions prior to V2.3.7.28
CODESYS Runtime Toolkit 32 bit full versions prior to V2.4.7.54
CODESYS PLCWinNT versions prior to V2.4.7.54
Description
The issue is related to a NULL pointer dereference in the CODESYS SP Realtime NT, CODESYS Runtime Toolkit, and CODESYS PLCWinNT environments. This could allow a remote attacker to cause a denial of service.
Recommendations
For CODESYS SP Realtime NT versions prior to V2.3.7.28, update to version V2.3.7.28 or later.
For CODESYS Runtime Toolkit 32 bit full versions prior to V2.4.7.54, update to version V2.4.7.54 or later.
For CODESYS PLCWinNT versions prior to V2.4.7.54, update to version V2.4.7.54 or later.
Fix
NULL Pointer Dereference
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Codesys Plcwinnt
Codesys Runtime Toolkit
Codesys Sp Realtime Nt