Vulnerability CVE-2019-19789
Published: 2019-12-20

Description:
3S-Smart CODESYS SP Realtime NT before V2.3.7.28, CODESYS Runtime Toolkit 32 bit full before V2.4.7.54, and CODESYS PLCWinNT before V2.4.7.54 allow a NULL pointer dereference.

Type:

CWE-476

 (NULL Pointer Dereference)

CVSS2 => (AV:N/AC:L/Au:S/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4/10
2.9/10
8/10
Exploit range
Attack complexity
Authentication
Remote
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial
Affected software
Codesys -> Plcwinnt 
Codesys -> Runtime toolkit 
Codesys -> Sp realtime nt 

 References:
https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=12946&token=edd5d8e821edaf3189d36bb1cac1aa1bfc42351f&download
=
https://www.codesys.com
Copyright 2024, cxsecurity.com

 

Back to Top