PT-2021-20564 · 3S Smart Software Solutions · Codesys V2

Tenable Research

Published

2021-10-26

Updated

2025-08-15

CVE-2021-34583

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: CODESYS V2 versions prior to 1.1.9.22

Description: The issue is caused by crafted web server requests that may lead to a heap-based buffer overflow, potentially triggering a denial-of-service condition due to a crash in the web server.

Recommendations: For versions prior to 1.1.9.22, update to version 1.1.9.22 or later to resolve the issue.

Exploit

Fix

Heap Based Buffer Overflow

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-122CWE-787

Related Identifiers

CVE-2021-34583

Affected Products

Codesys V2

PT-2021-20564 · 3S Smart Software Solutions · Codesys V2

CVE-2021-34583

Weakness Enumeration

Related Identifiers

Affected Products

References · 6