PT-2021-3340 · 3S Smart Software Solutions · Codesys V2 Runtime System
Ivan Kurnakov
+1
·
Published
2021-05-25
·
Updated
2025-08-15
·
CVE-2021-30187
CVSS v3.1
5.3
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
CODESYS V2 runtime system SP versions prior to 2.4.7.55
Description
The issue arises from the improper neutralization of special elements used in an OS command, potentially allowing an attacker to impact the confidentiality, integrity, and availability of protected information.
Recommendations
For versions prior to 2.4.7.55, update to version 2.4.7.55 or later to resolve the issue.
Fix
OS Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Codesys V2 Runtime System