CVE-2021-30189

Name of the Vulnerable Software and Affected Versions CODESYS V2 Web-Server versions prior to 1.1.9.20

Description The issue is caused by a buffer overflow in the dynamic memory of the CODESYS V2.3 web server, which is part of the CODESYS industrial automation software complex. This can allow a remote attacker to impact the confidentiality, integrity, and availability of protected information. The vulnerability is described as a stack-based buffer overflow.

Recommendations For versions prior to 1.1.9.20, update to version 1.1.9.20 or later to resolve the issue. As a temporary workaround, consider restricting access to the web server to minimize the risk of exploitation.