C

Codesys Security Vulnerabilities (CVE)

Explore vulnerabilities and security advisories affecting Codesys products.

4 known CVE vulnerabilities tracked

Critical
1
High
3
Medium
0
Low
0
None
0

Vulnerabilities By Year

2
2021
2
2026

Products Affected

Development System 2 Control For Beaglebone Sl 1 Control 1

All Codesys CVEs

Recent Highest Score Oldest
CVE-2026-44469
7.8 high

The affected product extracts installation files to a temporary directory with incorrect default permissions during administrative installation. A low-privileged local attacker can exploit a TOCTOU race condition with a practical time window to replace verified files with malicious ones before insta

Development System May 26, 2026
CVE-2026-44468
7.8 high

The affected product creates a directory with insecure default permissions during administrative installation. This allows a low-privileged local attacker to modify a temporary file defining the components to be installed, enabling local privilege escalation by forcing the deployment of arbitrary co

Development System May 26, 2026
CVE-2021-33485
9.8 critical

CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow.

Control Aug 3, 2021
CVE-2021-29241
7.5 high

CODESYS Gateway 3 before 3.5.16.70 has a NULL pointer dereference that may result in a denial of service (DoS).

Control For Beaglebone Sl May 3, 2021